English
Related papers

Related papers: MicroWalk: A Framework for Finding Side Channels i…

200 papers

Timing side-channel attacks exploit secret-dependent execution time to fully or partially recover secrets of cryptographic implementations, posing a severe threat to software security. Constant-time programming discipline is an effective…

Cryptography and Security · Computer Science 2024-02-22 Luwei Cai , Fu Song , Taolue Chen

We demonstrate that the format in which private keys are persisted impacts Side Channel Analysis (SCA) security. Surveying several widely deployed software libraries, we investigate the formats they support, how they parse these keys, and…

Cryptography and Security · Computer Science 2020-04-02 Cesar Pereida García , Sohaib ul Hassan , Nicola Tuveri , Iaroslav Gridin , Alejandro Cabrera Aldaya , Billy Bob Brumley

Security critical software, e.g., OpenSSL, comes with numerous side-channel leakages left unpatched due to a lack of resources or experts. The situation will only worsen as the pace of code development accelerates, with developers relying…

Cryptography and Security · Computer Science 2023-08-28 M. Caner Tol , Berk Sunar

The recent discovery of the Spectre and Meltdown attacks represents a watershed moment not just for the field of Computer Security, but also of Programming Languages. This paper explores speculative side-channel attacks and their…

Programming Languages · Computer Science 2019-02-15 Ross Mcilroy , Jaroslav Sevcik , Tobias Tebbi , Ben L. Titzer , Toon Verwaest

Timing side channels have been used to extract cryptographic keys and sensitive documents, even from trusted enclaves. In this paper, we focus on cache side channels created by access to shared code or data in the memory hierarchy. This…

Cryptography and Security · Computer Science 2021-12-20 Divya Ojha , Sandhya Dwarkadas

How will future microarchitectures impact the security of existing cryptographic implementations? As we cannot keep reducing the size of transistors, chip vendors have started developing new microarchitectural optimizations to speed up…

Microarchitectural side channel attacks have been very prominent in security research over the last few years. Caches have been an outstanding covert channel, as they provide high resolution and generic cross-core leakage even with simple…

Cryptography and Security · Computer Science 2020-08-28 Samira Briongos , Ida Bruhns , Pedro Malagón , Thomas Eisenbarth , José M. Moya

Protecting and preventing sensitive data from being used inappropriately has become a challenging task. Even a small mistake in securing data can be exploited by phishing attacks to release private information such as passwords or financial…

Cryptography and Security · Computer Science 2021-08-31 Luke Barlow , Gueltoum Bendiaby , Stavros Shiaelesy , Nick Savage

Supervised deep learning has emerged as an effective tool for carrying out power side-channel attacks on cryptographic implementations. While increasingly-powerful deep learning-based attacks are regularly published, comparatively-little…

Machine Learning · Computer Science 2024-10-31 Jimmy Gammell , Anand Raghunathan , Kaushik Roy

A timely software update is vital to combat the increasing security vulnerabilities. However, some software vendors may secretly patch their vulnerabilities without creating CVE entries or even describing the security issue in their change…

Cryptography and Security · Computer Science 2023-12-14 Xu He , Shu Wang , Pengbin Feng , Xinda Wang , Shiyu Sun , Qi Li , Kun Sun

Power side-channel attacks are a very effective cryptanalysis technique that can infer secret keys of security ICs by monitoring the power consumption. Since the emergence of practical attacks in the late 90s, they have been a major threat…

Cryptography and Security · Computer Science 2016-05-04 Lu Zhang , Luis Vega , Michael Taylor

Ransomware is considered as a significant threat for most enterprises since the past few years. In scenarios wherein users can access all files on a shared server, one infected host can lock the access to all shared files. We propose a tool…

Cryptography and Security · Computer Science 2022-02-16 Eduardo Berrueta , Daniel Morato , Eduardo Magaña , Mikel Izal

While side-channel leakage is traditionally evaluated from a fabricated chip, it is more time-efficient and cost-effective to do so during the design phase of the chip. We present a methodology to rank the gates of a design according to…

Side channels represent a broad class of security vulnerabilities that have been demonstrated to exist in many applications. Because completely eliminating side channels often leads to prohibitively high overhead, there is a need for a…

Information Theory · Computer Science 2020-04-20 Benjamin Wu , Aaron B. Wagner , G. Edward Suh

Timing attacks are considered one of the most damaging side-channel attacks. These attacks exploit timing fluctuations caused by certain operations to disclose confidential information to an attacker. For instance, in asymmetric encryption,…

Cryptography and Security · Computer Science 2023-08-24 M. Mehdi Kholoosi , M. Ali Babar , Cemal Yilmaz

Microarchitectural optimizations are expected to play a crucial role in ensuring performance scalability in future technology nodes. However, recent attacks have demonstrated that microarchitectural optimizations, which were assumed to be…

Cryptography and Security · Computer Science 2022-12-21 Nadja Ramhöj Holtryd , Madhavan Manivannan , Per Stenström

Side channel attacks steal secret keys by cleverly leveraging information leakages and can, therefore, break encryption. Thus, detection and mitigation of side channel attacks is a very important problem, but the solutions proposed in the…

Cryptography and Security · Computer Science 2020-10-28 Sharjeel Khan , Girish Mururu , Santosh Pande

Side-channel attacks on memory (SCAM) exploit unintended data leaks from memory subsystems to infer sensitive information, posing significant threats to system security. These attacks exploit vulnerabilities in memory access patterns, cache…

Cryptography and Security · Computer Science 2025-05-09 MD Mahady Hassan , Shanto Roy , Reza Rahaeimehr

Malware writers have employed various obfuscation and polymorphism techniques to thwart static analysis approaches and bypassing antivirus tools. Dynamic analysis techniques, however, have essentially overcome these deceits by observing the…

Cryptography and Security · Computer Science 2014-10-09 Waqas Aman

Implementations of cryptographic libraries have been scrutinized for secret-dependent execution behavior exploitable by microarchitectural side-channel attacks. To prevent unintended leakages, most libraries moved to constant-time…

Cryptography and Security · Computer Science 2023-04-25 Florian Sieck , Sebastian Berndt , Jan Wichelmann , Thomas Eisenbarth