English
Related papers

Related papers: The Spy in the Sandbox -- Practical Cache Attacks …

200 papers

The arm race between hardware security engineers and side-channel researchers has become more competitive with more sophisticated attacks and defenses in the last decade. While modern hardware features improve the system performance…

Cryptography and Security · Computer Science 2022-08-10 Debopriya Roy Dipta , Berk Gulmezoglu

As cache-based side-channel attacks become serious security problems, various defenses have been proposed and deployed in both software and hardware. Consequently, cache-based side-channel attacks on processes co-residing on the same core…

Cryptography and Security · Computer Science 2022-11-14 Wei Song , Rui Hou , Peng Liu , Xiaoxin Li , Peinan Li , Lutan Zhao , Xiaofei Fu , Yifei Sun , Dan Meng

Operating Systems enforce logical isolation using abstractions such as processes, containers, and isolation technologies to protect a system from malicious or buggy code. In this paper, we show new types of side channels through the file…

Cryptography and Security · Computer Science 2025-04-29 Cheng Gu , Yicheng Zhang , Nael Abu-Ghazaleh

Cache side-channel attacks extract secrets by examining how victim software accesses cache. To date, practical attacks on cryptosystems and media libraries are demonstrated under different scenarios, inferring secret keys and reconstructing…

Cryptography and Security · Computer Science 2022-10-04 Yuanyuan Yuan , Zhibo Liu , Shuai Wang

Microarchitectural side channel attacks have been very prominent in security research over the last few years. Caches have been an outstanding covert channel, as they provide high resolution and generic cross-core leakage even with simple…

Cryptography and Security · Computer Science 2020-08-28 Samira Briongos , Ida Bruhns , Pedro Malagón , Thomas Eisenbarth , José M. Moya

We explore a new type of malicious script attacks: the persistent parasite attack. Persistent parasites are stealthy scripts, which persist for a long time in the browser's cache. We show to infect the caches of victims with parasite…

Cryptography and Security · Computer Science 2021-07-15 Lukas Baumann , Elias Heftrig , Haya Shulman , Michael Waidner

Timing and cache side channels provide powerful attacks against many sensitive operations including cryptographic implementations. Existing defenses cannot protect against all classes of such attacks without incurring prohibitive…

Cryptography and Security · Computer Science 2015-09-01 Benjamin A. Braun , Suman Jana , Dan Boneh

Cache attacks exploit memory access patterns of cryptographic implementations. Constant-Time implementation techniques have become an indispensable tool in fighting cache timing attacks. These techniques engineer the memory accesses of…

Cryptography and Security · Computer Science 2018-11-20 Ahmad Moghimi , Thomas Eisenbarth , Berk Sunar

Cryptojacking is the permissionless use of a target device to covertly mine cryptocurrencies. With cryptojacking, attackers use malicious JavaScript codes to force web browsers into solving proof-of-work puzzles, thus making money by…

Cryptography and Security · Computer Science 2023-04-27 Muhammad Saad , David Mohaisen

In modern computing environments, hardware resources are commonly shared, and parallel computation is widely used. Parallel tasks can cause privacy and security problems if proper isolation is not enforced. Intel proposed SGX to create a…

Cryptography and Security · Computer Science 2017-08-22 Ahmad Moghimi , Gorka Irazoqui , Thomas Eisenbarth

Trusted execution environments (TEEs) provide an environment for running workloads in the cloud without having to trust cloud service providers, by offering additional hardware-assisted security guarantees. However, main memory encryption…

Cryptography and Security · Computer Science 2023-09-25 Jan Wichelmann , Anna Pätschke , Luca Wilke , Thomas Eisenbarth

Shared caches are vulnerable to side channel attacks through contention in cache sets. Besides being a simple source of information leak, these side channels form useful gadgets for more sophisticated attacks that compromise the security of…

Cryptography and Security · Computer Science 2024-08-27 Divya Ojha , Sandhya Dwarkadas

Virtualization is widely adopted in cloud systems to manage resource sharing among users. A virtualized environment usually deploys a virtual switch within the host system to enable virtual machines to communicate with each other and with…

Cryptography and Security · Computer Science 2026-01-23 Daewoo Kim , Sihang Liu

We present a kernel-level infrastructure that allows system-wide detection of malicious applications attempting to exploit cache-based side-channel attacks to break the process confinement enforced by standard operating systems. This…

Cryptography and Security · Computer Science 2024-02-22 Stefano Carnà , Serena Ferracci , Francesco Quaglia , Alessandro Pellegrini

We identify class of covert channels in browsers that are not mitigated by current defenses, which we call "pool-party" attacks. Pool-party attacks allow sites to create covert channels by manipulating limited-but-unpartitioned resource…

Cryptography and Security · Computer Science 2023-03-22 Peter Snyder , Soroush Karami , Arthur Edelstein , Benjamin Livshits , Hamed Haddadi

Over the last two decades, the danger of sharing resources between programs has been repeatedly highlighted. Multiple side-channel attacks, which seek to exploit shared components for leaking information, have been devised, mostly targeting…

Cryptography and Security · Computer Science 2022-01-28 Daniel Genkin , William Kosasih , Fangfei Liu , Anna Trikalinou , Thomas Unterluggauer , Yuval Yarom

Microarchitectural side channels expose unprotected software to information leakage attacks where a software adversary is able to track runtime behavior of a benign process and steal secrets such as cryptographic keys. As suggested by…

Cryptography and Security · Computer Science 2023-04-25 Jan Wichelmann , Ahmad Moghimi , Thomas Eisenbarth , Berk Sunar

Cache side-channel attacks lead to severe security threats to the settings that a CPU is shared across users, e.g., in the cloud. The existing attacks rely on sensing the micro-architectural state changes made by victims, and this…

Cryptography and Security · Computer Science 2021-03-09 Junpeng Wan , Yanxiang Bi , Zhe Zhou , Zhou Li

Transient execution attacks utilize micro-architectural covert channels to leak secrets that should not have been accessible during logical program execution. Commonly used micro-architectural covert channels are those that leave lasting…

Cryptography and Security · Computer Science 2020-06-24 Jacob Fustos , Michael Bechtel , Heechul Yun

Recent work has introduced attacks that extract the architecture information of deep neural networks (DNN), as this knowledge enhances an adversary's capability to conduct black-box attacks against the model. This paper presents the first…

Cryptography and Security · Computer Science 2020-02-03 Sanghyun Hong , Michael Davinroy , Yiǧitcan Kaya , Stuart Nevans Locke , Ian Rackow , Kevin Kulda , Dana Dachman-Soled , Tudor Dumitraş