DOI: 10.1145/3274694.3274741
Research article

MicroWalk: A Framework for Finding Side Channels in Binaries

Published: 03 December 2018

ABSTRACT

Microarchitectural side channels expose unprotected software to information-leakage attacks in which a software adversary tracks the runtime behavior of a benign process and steals secrets such as cryptographic keys. As the incremental patches applied to RSA implementations against successive side-channel attack variants across different versions of cryptographic libraries suggest, protecting security-critical algorithms against side channels is an intricate task. Software protections avoid leakage by operating in constant time, with a resource-usage pattern that is uniform regardless of the secret being processed. Automated testing and verification of software binaries for leakage-free behavior is therefore important, particularly when the source code is not available. In this work, we propose a novel technique based on Dynamic Binary Instrumentation and Mutual Information Analysis to efficiently locate and quantify memory-based and control-flow-based microarchitectural leakages. We develop a software framework named MicroWalk for side-channel analysis of binaries that can be extended to support new classes of leakage. For the first time, using MicroWalk, we perform a rigorous leakage analysis of two widely used closed-source cryptographic libraries: Intel IPP and Microsoft CNG. We analyze 15 different cryptographic implementations consisting of 112 million instructions in about 105 minutes of CPU time. By locating previously unknown leakages in hardened implementations, our results suggest that MicroWalk can efficiently find microarchitectural leakages in software binaries.
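As an added illustration of the approach the abstract describes (this is not MicroWalk's code, which instruments real binaries with a DBI tool), a toy tracer stands in for the instrumentation, a secret-indexed table lookup and a secret-dependent branch stand in for the instructions under test, and the mutual information between each test case's secret and an instruction's observed address or branch outcome flags the leaking instructions, while a constant-access-pattern variant scores zero. The table contents, the table address, the enumerated 5-bit test cases and the cache-line granularity option are constructed assumptions, not values from the paper.

```python
"""Toy model of the MicroWalk idea: trace a routine once per test case, then
compute the mutual information (MI) between the secret and what each traced
instruction did (memory address touched or branch outcome taken).
Everything here is constructed for illustration."""
import math
from collections import Counter

# Constructed 16-entry lookup table standing in for an S-box; values arbitrary.
SBOX = [0x3, 0xC, 0x6, 0x9, 0xF, 0x0, 0xA, 0x5, 0x1, 0xE, 0x8, 0xB, 0x2, 0xD, 0x7, 0x4]
TABLE_BASE = 0x1000          # constructed "memory" address of SBOX


class Tracer:
    """Stand-in for a DBI tool: records, per instrumented instruction id,
    the memory address it accessed or the branch outcome it took."""
    def __init__(self):
        self.trace = {}

    def mem(self, insn, addr):
        self.trace[insn] = ("mem", addr)

    def branch(self, insn, taken):
        self.trace[insn] = ("br", taken)


def leaky_lookup(secret, t):
    """Secret-indexed load plus secret-dependent branch: both leak."""
    idx = secret & 0xF
    t.mem("load_sbox", TABLE_BASE + idx)          # address is a function of the secret
    out = SBOX[idx]
    bit = (secret >> 4) & 1
    t.branch("jcc_bit4", bool(bit))                # branch outcome is a function of the secret
    if bit:
        out ^= 0x5
    return out


def hardened_lookup(secret, t):
    """Same function with a constant access pattern: touch every entry, select by mask."""
    idx = secret & 0xF
    out = 0
    for i in range(16):                            # 16 distinct load instructions
        t.mem(f"load_sbox_{i}", TABLE_BASE + i)    # address independent of the secret
        out |= SBOX[i] & (-(i == idx) & 0xF)       # mask is 0xF only when i == idx
    out ^= 0x5 & (-((secret >> 4) & 1) & 0xF)      # branch-free conditional xor
    return out


def mutual_information(secrets, observations):
    """I(S;O) in bits from paired samples, using the empirical joint distribution."""
    n = len(secrets)
    p_s, p_o = Counter(secrets), Counter(observations)
    mi = 0.0
    for (s, o), c in Counter(zip(secrets, observations)).items():
        p_so = c / n
        mi += p_so * math.log2(p_so / ((p_s[s] / n) * (p_o[o] / n)))
    return mi


def analyze(func, secrets, line_shift=0):
    """Run func once per test case and return {insn: MI bits} for every instruction
    seen in any trace; an instruction absent from a trace is itself an observation.
    line_shift models observation granularity (an assumption added here):
    0 = exact address, 6 = 64-byte cache line."""
    traces = []
    for s in secrets:
        t = Tracer()
        func(s, t)
        traces.append(t.trace)
    insns = set().union(*(tr.keys() for tr in traces))
    result = {}
    for insn in insns:
        obs = []
        for tr in traces:
            kind, val = tr.get(insn, ("absent", None))
            obs.append(val >> line_shift if kind == "mem" else val)
        result[insn] = mutual_information(secrets, obs)
    return result


def find_leaks(func, secrets, line_shift=0, threshold=1e-9):
    """Instructions whose observed behaviour carries information about the secret."""
    return sorted((insn, mi) for insn, mi in analyze(func, secrets, line_shift).items()
                  if mi > threshold)


if __name__ == "__main__":
    cases = list(range(32))                        # constructed test cases: all 5-bit secrets
    print("leaky, exact address :", find_leaks(leaky_lookup, cases))
    print("leaky, 64-byte lines :", find_leaks(leaky_lookup, cases, line_shift=6))
    print("hardened             :", find_leaks(hardened_lookup, cases))
```

With all 32 five-bit secrets as test cases, the secret-indexed load scores 4 bits and the branch 1 bit at exact-address granularity; at 64-byte line granularity the load drops to zero because the whole table sits in one line, which is why the granularity an attacker can observe matters when judging a finding.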

Published in

ACSAC '18: Proceedings of the 34th Annual Computer Security Applications Conference
December 2018
766 pages
ISBN: 9781450365697
DOI: 10.1145/3274694

Copyright © 2018 ACM

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Publisher

Association for Computing Machinery, New York, NY, United States

Qualifiers

• research-article
• Research
• Refereed limited

Acceptance Rates

Overall acceptance rate: 104 of 497 submissions, 21%