A method for obtaining digital signatures and public-key cryptosystems
Communications of the ACM
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
ElectroMagnetic Analysis (EMA): Measures and Counter-Measures for Smart Cards
E-SMART '01 Proceedings of the International Conference on Research in Smart Cards: Smart Card Programming and Security
Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems
CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
Electromagnetic Analysis: Concrete Results
CHES '01 Proceedings of the Third International Workshop on Cryptographic Hardware and Embedded Systems
Xen and the art of virtualization
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Terra: a virtual machine-based platform for trusted computing
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Bioinformatics: Databases and Algorithms
Bioinformatics: Databases and Algorithms
Virtual machines for enterprise desktop security
Information Security Tech. Report
On the power of simple branch prediction analysis
ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security
Cheap Hardware Parallelism Implies Cheap Security
FDTC '07 Proceedings of the Workshop on Fault Diagnosis and Tolerance in Cryptography
Yet another MicroArchitectural Attack:: exploiting I-Cache
Proceedings of the 2007 ACM workshop on Computer security architecture
The Definitive Guide to the Xen Hypervisor (Prentice Hall Open Source Software Development Series)
The Definitive Guide to the Xen Hypervisor (Prentice Hall Open Source Software Development Series)
Secretly monopolizing the CPU without superuser privileges
SS'07 Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium
Remote timing attacks are practical
Computer Networks: The International Journal of Computer and Telecommunications Networking - Web security
Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds
Proceedings of the 16th ACM conference on Computer and communications security
Efficient Cache Attacks on AES, and Countermeasures
Journal of Cryptology
Communications of the ACM
Advances on access-driven cache attacks on AES
SAC'06 Proceedings of the 13th international conference on Selected areas in cryptography
New results on instruction cache attacks
CHES'10 Proceedings of the 12th international conference on Cryptographic hardware and embedded systems
LIBSVM: A library for support vector machines
ACM Transactions on Intelligent Systems and Technology (TIST)
HomeAlone: Co-residency Detection in the Cloud via Side-Channel Analysis
SP '11 Proceedings of the 2011 IEEE Symposium on Security and Privacy
Cache Games -- Bringing Access-Based Cache Attacks on AES to Practice
SP '11 Proceedings of the 2011 IEEE Symposium on Security and Privacy
An exploration of L2 cache covert channels in virtualized environments
Proceedings of the 3rd ACM workshop on Cloud computing security workshop
Scheduler Vulnerabilities and Coordinated Attacks in Cloud Computing
NCA '11 Proceedings of the 2011 IEEE 10th International Symposium on Network Computing and Applications
Cache attacks and countermeasures: the case of AES
CT-RSA'06 Proceedings of the 2006 The Cryptographers' Track at the RSA conference on Topics in Cryptology
Cache based remote timing attack on the AES
CT-RSA'07 Proceedings of the 7th Cryptographers' track at the RSA conference on Topics in Cryptology
Error bounds for convolutional codes and an asymptotically optimum decoding algorithm
IEEE Transactions on Information Theory
A public key cryptosystem and a signature scheme based on discrete logarithms
IEEE Transactions on Information Theory
Non-interactive OS fingerprinting through memory de-duplication technique in virtual machines
PCCC '11 Proceedings of the 30th IEEE International Performance Computing and Communications Conference
Are AES x86 cache timing attacks still feasible?
Proceedings of the 2012 ACM Workshop on Cloud computing security workshop
Towards verifiable resource accounting for outsourced computation
Proceedings of the 9th ACM SIGPLAN/SIGOPS international conference on Virtual execution environments
Security testing of a secure cache design
Proceedings of the 2nd International Workshop on Hardware and Architectural Support for Security and Privacy
Identity, location, disease and more: inferring your secrets from android public resources
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Formal verification of information flow security for a simple arm-based separation kernel
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Düppel: retrofitting commodity operating systems to mitigate cache side channels in the cloud
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Cloudoscopy: services discovery and topology mapping
Proceedings of the 2013 ACM workshop on Cloud computing security workshop
TerraCheck: verification of dedicated cloud storage
DBSec'13 Proceedings of the 27th international conference on Data and Applications Security and Privacy XXVII
CacheAudit: a tool for the static analysis of cache side channels
SEC'13 Proceedings of the 22nd USENIX conference on Security
Flying over Mobile Clouds with Security Planes: Select Your Class of SLA for End-to-End Security
UCC '13 Proceedings of the 2013 IEEE/ACM 6th International Conference on Utility and Cloud Computing
cTPM: a cloud TPM for cross-device trusted applications
NSDI'14 Proceedings of the 11th USENIX Conference on Networked Systems Design and Implementation
Hi-index | 0.00 |
This paper details the construction of an access-driven side-channel attack by which a malicious virtual machine (VM) extracts fine-grained information from a victim VM running on the same physical computer. This attack is the first such attack demonstrated on a symmetric multiprocessing system virtualized using a modern VMM (Xen). Such systems are very common today, ranging from desktops that use virtualization to sandbox application or OS compromises, to clouds that co-locate the workloads of mutually distrustful customers. Constructing such a side-channel requires overcoming challenges including core migration, numerous sources of channel noise, and the difficulty of preempting the victim with sufficient frequency to extract fine-grained information from it. This paper addresses these challenges and demonstrates the attack in a lab setting by extracting an ElGamal decryption key from a victim using the most recent version of the libgcrypt cryptographic library.