We describe several software side-channel attacks based on inter-process leakage through the state of the CPU’s memory cache. This leakage reveals memory access patterns, which can be used for cryptanalysis of cryptographic primitives that employ data-dependent table lookups. The attacks allow an unprivileged process to attack other processes running in parallel on the same processor, despite partitioning methods such as memory protection, sandboxing and virtualization. Some of our methods require only the ability to trigger services that perform encryption or MAC using the unknown key, such as encrypted disk partitions or secure network links. Moreover, we demonstrate an extremely strong type of attack, which requires knowledge of neither the specific plaintexts nor ciphertexts, and works by merely monitoring the effect of the cryptographic process on the cache. We discuss in detail several such attacks on AES, and experimentally demonstrate their applicability to real systems, such as OpenSSL and Linux’s dm-crypt encrypted partitions (in the latter case, the full key can be recovered after just 800 writes to the partition, taking 65 milliseconds). Finally, we describe several countermeasures for mitigating such attacks.
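The abstract's core observation, that a data-dependent table lookup leaks the cache line of its index, is simulated below in an added example (not code from the paper or from OpenSSL). It models the standard T-table layout of AES, where byte i of the round-1 state indexes table T[i mod 4] at position p[i] XOR k[i], and a 64-byte line holding sixteen 4-byte entries reveals the top four bits of that index. The `prime_probe_measurement` oracle is a constructed stand-in for a real Prime+Probe timing run: it reports which lines of each table round 1 touched plus a few spurious evictions, and the attacker recovers the high nibble of every key byte by counting, for each candidate nibble, how often the predicted line is observed. The key, sample count and noise level are assumptions chosen for the demonstration.

```python
import random

# Cache geometry of the modelled CPU (assumption: 64-byte lines, 4-byte T-table entries).
LINE_BYTES = 64
ENTRY_BYTES = 4
ENTRIES_PER_LINE = LINE_BYTES // ENTRY_BYTES          # 16 entries share one line
LINE_SHIFT = ENTRIES_PER_LINE.bit_length() - 1        # index >> 4 gives the line number
LINES_PER_TABLE = 256 // ENTRIES_PER_LINE             # 16 lines per 1 KiB T-table


def leaked_bits_per_key_byte():
    """An observed line number reveals the high (8 - LINE_SHIFT) bits of the index."""
    return 8 - LINE_SHIFT


def round1_table_lines(plaintext, key):
    """Cache lines of T[0..3] touched in AES round 1: byte i is looked up in
    table T[i % 4] at index plaintext[i] ^ key[i] (standard T-table layout)."""
    lines = [set() for _ in range(4)]
    for i in range(16):
        lines[i % 4].add((plaintext[i] ^ key[i]) >> LINE_SHIFT)
    return lines


def prime_probe_measurement(plaintext, key, rng, noise_lines=2):
    """Constructed oracle standing in for a Prime+Probe measurement: the attacker
    learns every line the victim evicted, plus `noise_lines` spurious evictions
    per table caused by unrelated memory traffic (simulated, not timed)."""
    observed = round1_table_lines(plaintext, key)
    for table in range(4):
        for _ in range(noise_lines):
            observed[table].add(rng.randrange(LINES_PER_TABLE))
    return observed


def recover_high_nibbles(victim_key, samples=300, seed=1):
    """Synchronous known-plaintext attack on round 1. For byte i and candidate
    nibble c, the victim touches line (p[i] >> 4) ^ c whenever key[i] >> 4 == c,
    so the correct candidate scores on every sample while wrong ones score only
    when another lookup or noise happens to land on the predicted line."""
    rng = random.Random(seed)
    scores = [[0] * LINES_PER_TABLE for _ in range(16)]
    for _ in range(samples):
        p = bytes(rng.randrange(256) for _ in range(16))   # chosen/known plaintext
        observed = prime_probe_measurement(p, victim_key, rng)
        for i in range(16):
            for cand in range(LINES_PER_TABLE):
                if ((p[i] >> LINE_SHIFT) ^ cand) in observed[i % 4]:
                    scores[i][cand] += 1
    return [max(range(LINES_PER_TABLE), key=lambda c: scores[i][c])
            for i in range(16)]


if __name__ == "__main__":
    key = bytes.fromhex("2b7e151628aed2a6abf7158809cf4f3c")   # demo key (assumption)
    guess = recover_high_nibbles(key)
    print("leaked bits per key byte:", leaked_bits_per_key_byte())
    print("recovered high nibbles:  ", guess)
    print("actual high nibbles:     ", [b >> 4 for b in key])
```

The simulation only recovers the top nibble of each key byte, which is all the first round can give with this line size; the paper's full-key results come from extending the analysis to the second round, where the indices mix several key bytes. The design point for a defender is visible in `round1_table_lines`: any implementation whose memory addresses depend on `plaintext[i] ^ key[i]` leaks through this channel regardless of process isolation, which is why the countermeasures the abstract refers to replace data-dependent lookups (bitslicing, constant-time S-box arithmetic, AES-NI) or make the access pattern independent of the index.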