Book ChapterDOI
Cache attacks and countermeasures: the case of AES
Dag Arne Osvik,Adi Shamir,Eran Tromer +2 more
- pp 1-20
Reads0
Chats0
TLDR
In this article, the authors describe side-channel attacks based on inter-process leakage through the state of the CPU's memory cache, which can be used for cryptanalysis of cryptographic primitives that employ data-dependent table lookups.Abstract:
We describe several software side-channel attacks based on inter-process leakage through the state of the CPU’s memory cache. This leakage reveals memory access patterns, which can be used for cryptanalysis of cryptographic primitives that employ data-dependent table lookups. The attacks allow an unprivileged process to attack other processes running in parallel on the same processor, despite partitioning methods such as memory protection, sandboxing and virtualization. Some of our methods require only the ability to trigger services that perform encryption or MAC using the unknown key, such as encrypted disk partitions or secure network links. Moreover, we demonstrate an extremely strong type of attack, which requires knowledge of neither the specific plaintexts nor ciphertexts, and works by merely monitoring the effect of the cryptographic process on the cache. We discuss in detail several such attacks on AES, and experimentally demonstrate their applicability to real systems, such as OpenSSL and Linux’s dm-crypt encrypted partitions (in the latter case, the full key can be recovered after just 800 writes to the partition, taking 65 milliseconds). Finally, we describe several countermeasures for mitigating such attacks.read more
Citations
More filters
Proceedings ArticleDOI
Spectre without shared memory
Ben Amos,Niv Gilboa,Arbel Levy +2 more
TL;DR: This work constructs the first Spectre type attack in which the target and the attacker do not share any memory pages, and develops new techniques for the attack including accurate location of the target's code and data in the shared cache, noise suppression enabling reliable retrieval of thetarget's data and optimizations speeding up the retrieval process.
Book ChapterDOI
Undermining Isolation Through Covert Channels in the Fiasco.OC Microkernel
Michael Peter,Matthias Petschick,Julian Vetter,Jan Nordholz,Janis Danisevskis,Jean-Pierre Seifert +5 more
TL;DR: In this article, the authors examine the internals of Fiasco.OC, a microkernel of the prominent L4 family, and show that it is not suited to ensure strict isolation between components.
Posted Content
Rowhammer Induced Intermittent Fault Attack on ECC-hardened memory.
TL;DR: A novel fault attack called Intermittent Fault Attack is proposed which is well suited for ECC-enabled DRAM modules and demonstrates the practicality of the attack model by inducing single bit faults using pinpointed Rowhammer technique in S-Boxes of block ciphers in a ECC protected system.
Proceedings ArticleDOI
On the importance of protecting personal information privacy: A lightweight and portable implementation of cryptographic systems
TL;DR: This work designs a lightweight and portable cryptographic system, which can protect personal information privacy for users of Internet and computers and chooses four-tier system architecture and divides the system into five functional modules.
Journal ArticleDOI
A Defense Mechanism Against Transient Execution Attacks On SMT Processors
Xin Jin,Ningmei Yu +1 more
TL;DR: A defense mechanism for SMT processors against launching transient execution attacks using shared cache that can effectively prevent Spectre attack, and the overhead of performance is only 3.9%.
References
More filters
Journal ArticleDOI
Software protection and simulation on oblivious RAMs
Oded Goldreich,Rafail Ostrovsky +1 more
TL;DR: This paper shows how to do an on-line simulation of an arbitrary RAM by a probabilistic oblivious RAM with a polylogaithmic slowdown in the running time, and shows that a logarithmic slowdown is a lower bound.
Serpent: A Proposal for the Advanced Encryption Standard
TL;DR: A new block cipher is proposed that uses S-boxes similar to those of DES in a new structure that simultaneously allows a more rapid avalanche, a more efficient bitslice implementation, and an easy analysis that enables it to be more secure than three-key triple-DES.
Book ChapterDOI
A Fast New DES Implementation in Software
TL;DR: A new optimized standard implementation of DES on 64-bit processors is described, which is about twice faster than the fastest known standard DES implementation on the same processor.
Book ChapterDOI
A side-channel analysis resistant description of the AES s-box
TL;DR: This article introduces a new masking countermeasure which is not only secure against first-order side-channel attacks, but which also leads to relatively small implementations compared to other masking schemes implemented in dedicated hardware.
Book ChapterDOI
An ASIC Implementation of the AES SBoxes
TL;DR: This article presents a hardware implementation of the S-Boxes from the Advanced Encryption Standard (AES), and shows that a calculation of this function and its inverse can be done efficiently with combinational logic.