Filters








1,990 Hits in 6.8 sec

Winter is here! A decade of cache-based side-channel attacks, detection & mitigation for RSA

Maria Mushtaq, Muhammad Asim Mukhtar, Vianney Lapotre, Muhammad Khurram Bhatti, Guy Gogniat
2020 Information Systems  
It then undertakes a qualitative analysis of secret key retrieval efficiency, complexity, and the features being exploited on target cryptosystems in these attacks.  ...  A decade of cache-based side-channel attacks, detection & mitigation for RSA, Information Systems (2020), Highlights The highlights of this paper are the following ones. • We propose a threat model to  ...  Depending on the location of the attacker, time-driven attacks fall into two categories: active time-driven cache attacks and passive time-driven cache attacks.  ... 
doi:10.1016/j.is.2020.101524 fatcat:odegutokz5hrhmwsznlc7px6qm

Towards More Practical Time-Driven Cache Attacks [chapter]

Raphael Spreitzer, Benoît Gérard
2014 Lecture Notes in Computer Science  
Furthermore, we analyze the most recent improvement of time-driven cache attacks, presented by Aly and ElGayyar, according to its applicability on ARM Cortex-A platforms.  ...  Focusing on both of these steps, we discuss potential enhancements of Bernstein's cache-timing attack against the Advanced Encryption Standard (AES).  ...  In this work, we focus on the investigation of the time-driven cache attack proposed by Bernstein [4] .  ... 
doi:10.1007/978-3-662-43826-8_3 fatcat:5suf45cmlzd65bvk2ly52srm7q

Defeating Hardware Prefetchers in Flush+Reload Side-channel Attack

Zihao Wang, Shuanghe Peng, Wenbin Jiang, Xinyue Guo
2021 IEEE Access  
One thing that has not been well studied is the impact of the hardware prefetching on side channel attacks. Hardware prefetching [8] is a feature of modern processors and enabled by default.  ...  efficiency.  ... 
doi:10.1109/access.2021.3056190 fatcat:yce6gxgjtnhmbg6i4fxizg2iui

Validation of Abstract Side-Channel Models for Computer Architectures [chapter]

Hamed Nemati, Pablo Buiras, Andreas Lindner, Roberto Guanciale, Swen Jacobs
2020 Lecture Notes in Computer Science  
We have evaluated our framework by validating models that abstract the data-cache side channel of a Raspberry Pi 3 board with a processor implementing the ARMv8-A architecture.  ...  We introduce a methodology and a tool, Scam-V, to validate observational models for modern computer architectures.  ...  the Swedish Foundation for Strategic Research, the KTH CERCES Center for Resilient Critical Infrastructures financed by the Swedish Civil Contingencies Agency, as well as the German Federal Ministry of  ... 
doi:10.1007/978-3-030-53288-8_12 fatcat:a3lfammd4fb4tbf27uhgsl7m2q

Survey of Microarchitectural Side and Covert Channels, Attacks, and Defenses

Jakub Szefer
2018 Journal of Hardware and Systems Security  
And in some attacks even co-location is not needed, only timing of the execution of the victim as measured by a remote attacker over the network can form a side channel for information leaks.  ...  Processor microarchitectural side and covert channel attacks have emerged as some of the most clever attacks, and ones which are difficult to deal with, without impacting system performance.  ...  Scope of the Survey This survey focuses on side and covert channels which may exist inside a modern processor.  ... 
doi:10.1007/s41635-018-0046-1 dblp:journals/jhss/Szefer19 fatcat:zttnnct3abfztal47n2evmb62e

Meet the Sherlock Holmes' of Side Channel Leakage: A Survey of Cache SCA Detection Techniques

Ayaz Akram, Maria Mushtaq, Muhammad Khurram Bhatti, Vianney Lapotre, Guy Gogniat
2020 IEEE Access  
Detection of cache side channel attacks is an important step towards mitigating against such hostile entities.  ...  Cache Side Channel Attacks (SCAs) have gained a lot of attention in the recent past. Since, these attacks exploit the caching hardware vulnerabilities, they are fast and dangerous.  ...  Time-driven attacks are further categorized into active time-driven cache attacks and passive time-driven cache attacks.  ... 
doi:10.1109/access.2020.2980522 fatcat:m56pih7ntbdubci2slah7hlkci

Validation of Abstract Side-Channel Models for Computer Architectures [article]

Hamed Nemati and Pablo Buiras and Andreas Lindner and Roberto Guanciale and Swen Jacobs
2020 arXiv   pre-print
We have evaluated our framework by validating models that abstract the data-cache side channel of a Raspberry Pi 3 board with a processor implementing the ARMv8-A architecture.  ...  We introduce a methodology and a tool, Scam-V, to validate observational models for modern computer architectures.  ...  the Swedish Foundation for Strategic Research, the KTH CERCES Center for Resilient Critical Infrastructures financed by the Swedish Civil Contingencies Agency, as well as the German Federal Ministry of  ... 
arXiv:2005.05254v1 fatcat:hdb6e7a4tfemjoxnxiikpzct7u

Performance/Watt

James Laudon
2005 SIGARCH Computer Architecture News  
In this paper, we argue that attacking thread-level parallelism (TLP) via a large number of simple cores on a chip multiprocessor (CMP) leads to much better performance/Watt for server workloads.  ...  As a result, we are now at the point where the performance/Watt of subsequent generations of traditional ILP-focused processors on server workloads has been flat [4] or even decreasing.  ...  A complex processor chip is necessarily the effort of many people.  ... 
doi:10.1145/1105734.1105737 fatcat:ududf2eobbgbfamqkdxwptcrke

Covert and Side Channels Due to Processor Architecture

Zhenghong Wang, Ruby Lee
2006 Proceedings of the Computer Security Applications Conference  
Information leakage through covert channels and side channels is becoming a serious problem, especially when these are enhanced by modern processor architecture features.  ...  We first illustrate the reality and severity of this problem by describing concrete attacks. We identify two new covert channels. We show orders of magnitude increases in covert channel capacities.  ...  He found that for most software AES implementations running on modern processors, the execution time of an encryption is input-dependent and can be exploited to recover the secret encryption key.  ... 
doi:10.1109/acsac.2006.20 dblp:conf/acsac/WangL06 fatcat:wxragbo7h5c3livmulyskqqyqy

A survey of microarchitectural timing attacks and countermeasures on contemporary hardware

Qian Ge, Yuval Yarom, David Cock, Gernot Heiser
2016 Journal of Cryptographic Engineering  
We classify types of attacks according to a taxonomy of the shared resources leveraged for such attacks. Moreover, we take a detailed look at attacks used against shared caches.  ...  Microarchitectural timing channels expose hidden hardware state though timing.  ...  Time-driven attacks, like trace-driven attacks, observe cache hits and misses.  ... 
doi:10.1007/s13389-016-0141-6 fatcat:7fvkr7h54rbl5mx6vrochsgtkm

Leaking Secrets through Modern Branch Predictor in the Speculative World [article]

Md Hafizul Islam Chowdhuryy, Fan Yao
2021 arXiv   pre-print
We present an extensive BranchSpectre code gadget analysis on a set of popular real-world application code bases followed by a demonstration of real-world side channel attack on OpenSSL.  ...  To evaluate the discovered vulnerability, we build a novel attack framework, BranchSpectre, that enables exfiltration of unintended secrets through observing speculative PHT updates (in the form of covert  ...  Evaluation on PoC of BranchSpectre side channel. We first evaluate the BranchSpectre side channel on a Proofof-concept (PoC) attack.  ... 
arXiv:2107.09833v1 fatcat:3fovrjwoxnglla6g53cwcutqcu

Design Alternatives for a High-Performance Self-Securing Ethernet Network Interface

Derek L. Schuff, Vijay S. Pai
2007 2007 IEEE International Parallel and Distributed Processing Symposium  
By efficiently offloading the computationally difficult task of intrusion detection to the network interface, LineSnort enables intrusion detection to run directly on PC-based network servers rather than  ...  Such performance requires the system to use hardware-assisted string matching and a small shared data cache.  ...  These overheads limit Snort to a traffic rate of less than 500 Mbps on a modern host machine (2.0 GHz AMD Opteron processor system), even with full access to the CPU.  ... 
doi:10.1109/ipdps.2007.370290 dblp:conf/ipps/SchuffP07 fatcat:iz3art5mtzcr7kvpxxmmnjsymm

New Results on Instruction Cache Attacks [chapter]

Onur Acıiçmez, Billy Bob Brumley, Philipp Grabher
2010 Lecture Notes in Computer Science  
As a result, we are capable of carrying out efficient automated attacks using live I-cache timing data.  ...  Previous I-cache attacks were proof-of-concept: we present results of an actual attack in a real-world setting, proving these attacks to be realistic.  ...  The authors would like to thank Dan Page for his input throughout the duration of this work.  ... 
doi:10.1007/978-3-642-15031-9_8 fatcat:2aciod2pg5astlce4pqtlpzsri

Software-based Microarchitectural Attacks [article]

Daniel Gruss
2017 arXiv   pre-print
Modern processors are highly optimized systems where every single cycle of computation time matters. Many optimizations depend on the data that is being processed.  ...  In the first part, we provide background on modern processor architectures and discuss state-of-the-art attacks and defenses in the area of microarchitectural side-channel attacks and microarchitectural  ...  We demonstrate generic unprivileged virtual-to-physical address translation attack in the presence of a physical direct map in kernel or hypervisor, on Linux and in a PVM on Amazon EC2.  ... 
arXiv:1706.05973v1 fatcat:4hwdpe4dancmblsxasg3a75h7a

Cross-VM side channels and their use to extract private keys

Yinqian Zhang, Ari Juels, Michael K. Reiter, Thomas Ristenpart
2012 Proceedings of the 2012 ACM conference on Computer and communications security - CCS '12  
This attack is the first such attack demonstrated on a symmetric multiprocessing system virtualized using a modern VMM (Xen).  ...  This paper details the construction of an access-driven sidechannel attack by which a malicious virtual machine (VM) extracts fine-grained information from a victim VM running on the same physical computer  ...  This work was supported in part by NSF grants 0910483 and 1065134, the Science of Security Lablet, and a grant from VMWare.  ... 
doi:10.1145/2382196.2382230 dblp:conf/ccs/ZhangJRR12 fatcat:i724fii3mzazln5lk2kryhvpsq
« Previous Showing results 1 — 15 out of 1,990 results