English
Related papers

Related papers: CopyCat: Controlled Instruction-Level Attacks on E…

200 papers

Protected-module architectures (PMAs) have been proposed to provide strong isolation guarantees, even on top of a compromised system. Unfortunately, Intel SGX -- the only publicly available high-end PMA -- has been shown to only provide…

Cryptography and Security · Computer Science 2017-12-25 Raoul Strackx , Frank Piessens

Cache template attacks demonstrated automated leakage of user input in shared libraries. However, for large binaries, the runtime is prohibitively high. Other automated approaches focused on cryptographic implementations and media software…

Cryptography and Security · Computer Science 2022-08-05 Martin Schwarzl , Erik Kraft , Daniel Gruss

Data confidentiality is an important requirement for clients when outsourcing databases to the cloud. Trusted execution environments, such as Intel SGX, offer an efficient, hardware-based solution to this cryptographic problem. Existing…

Cryptography and Security · Computer Science 2020-02-13 Benny Fuhry , Jayanth Jain H A , Florian Kerschbaum

Spectre attacks disclosed in early 2018 expose data leakage scenarios via cache side channels. Specifically, speculatively executed paths due to branch mis-prediction may bring secret data into the cache which are then exposed via cache…

Cryptography and Security · Computer Science 2020-05-26 Guanhua Wang , Sudipta Chattopadhyay , Arnab Kumar Biswas , Tulika Mitra , Abhik Roychoudhury

Over the last two decades, the danger of sharing resources between programs has been repeatedly highlighted. Multiple side-channel attacks, which seek to exploit shared components for leaking information, have been devised, mostly targeting…

Cryptography and Security · Computer Science 2022-01-28 Daniel Genkin , William Kosasih , Fangfei Liu , Anna Trikalinou , Thomas Unterluggauer , Yuval Yarom

Trusted-execution environments (TEE), like Intel SGX, isolate user-space applications into secure enclaves without trusting the OS. Thus, TEEs reduce the trusted computing base, but add one to two orders of magnitude slow-down. The…

Cryptography and Security · Computer Science 2020-10-19 Zhijingcheng Yu , Shweta Shinde , Trevor E. Carlson , Prateek Saxena

The transient-execution attack Meltdown leaks sensitive information by transiently accessing inaccessible data during out-of-order execution. Although Meltdown is fixed in hardware for recent CPU generations, most currently-deployed CPUs…

Cryptography and Security · Computer Science 2023-10-09 Daniel Weber , Fabian Thomas , Lukas Gerlach , Ruiyi Zhang , Michael Schwarz

CPUs provide isolation mechanisms like virtualization and privilege levels to protect software. Yet these focus on architectural isolation while typically overlooking microarchitectural side channels, exemplified by Meltdown and Foreshadow.…

Cryptography and Security · Computer Science 2025-07-09 Oleksii Oleksenko , Flavien Solt , Cédric Fournet , Jana Hofmann , Boris Köpf , Stavros Volos

Encrypted deduplication combines encryption and deduplication to simultaneously achieve both data security and storage efficiency. State-of-the-art encrypted deduplication systems mainly build on deterministic encryption to preserve…

Cryptography and Security · Computer Science 2019-10-10 Jingwei Li , Patrick P. C. Lee , Chufeng Tan , Chuan Qin , Xiaosong Zhang

Fault attacks enable adversaries to manipulate the control-flow of security-critical applications. By inducing targeted faults into the CPU, the software's call graph can be escaped and the control-flow can be redirected to arbitrary…

Cryptography and Security · Computer Science 2023-03-27 Pascal Nasahl , Salmin Sultana , Hans Liljestrand , Karanvir Grewal , Michael LeMay , David M. Durham , David Schrammel , Stefan Mangard

In modern computing environments, hardware resources are commonly shared, and parallel computation is widely used. Parallel tasks can cause privacy and security problems if proper isolation is not enforced. Intel proposed SGX to create a…

Cryptography and Security · Computer Science 2017-08-22 Ahmad Moghimi , Gorka Irazoqui , Thomas Eisenbarth

Control planes of cloud frameworks trade off between scheduling granularity and performance. Centralized systems schedule at task granularity, but only schedule a few thousand tasks per second. Distributed systems schedule hundreds of…

Distributed, Parallel, and Cluster Computing · Computer Science 2017-05-05 Omid Mashayekhi , Hang Qu , Chinmayee Shah , Philip Levis

Irregular codes are bottlenecked by memory and communication latency. Decoupled access/execute (DAE) is a common technique to tackle this problem. It relies on the compiler to separate memory address generation from the rest of the program,…

Performance · Computer Science 2025-01-24 Robert Szafarczyk , Syed Waqar Nabi , Wim Vanderbauwhede

Modern processors are highly optimized systems where every single cycle of computation time matters. Many optimizations depend on the data that is being processed. Software-based microarchitectural attacks exploit effects of these…

Cryptography and Security · Computer Science 2017-06-20 Daniel Gruss

Intel Software Guard Extension (SGX) offers software applications enclave to protect their confidentiality and integrity from malicious operating systems. The SSL/TLS protocol, which is the de facto standard for protecting transport-layer…

Cryptography and Security · Computer Science 2017-09-28 Yuan Xiao , Mengyuan Li , Sanchuan Chen , Yinqian Zhang

Operating Systems enforce logical isolation using abstractions such as processes, containers, and isolation technologies to protect a system from malicious or buggy code. In this paper, we show new types of side channels through the file…

Cryptography and Security · Computer Science 2025-04-29 Cheng Gu , Yicheng Zhang , Nael Abu-Ghazaleh

Enforcing integrity and confidentiality of users' application code and data is a challenging mission that any software developer working on an online production grade service is facing. Since cryptology is not a widely understood subject,…

Cryptography and Security · Computer Science 2018-04-04 Mohammad Hasanzadeh Mofrad , Adam Lee

Recent attacks have broken process isolation by exploiting microarchitectural side channels that allow indirect access to shared microarchitectural state. Enclaves strengthen the process abstraction to restore isolation guarantees. We…

Cryptography and Security · Computer Science 2019-08-30 Thomas Bourgeat , Ilia Lebedev , Andrew Wright , Sizhuo Zhang , Arvind , Srinivas Devadas

Side-channel risks of Intel's SGX have recently attracted great attention. Under the spotlight is the newly discovered page-fault attack, in which an OS-level adversary induces page faults to observe the page-level access patterns of a…

Cryptography and Security · Computer Science 2026-03-03 Wenhao Wang , Guoxing Chen , Xiaorui Pan , Yinqian Zhang , XiaoFeng Wang , Vincent Bindschaedler , Haixu Tang , Carl A. Gunter

Intel Software Guard Extensions (SGX) is a promising hardware-based technology for protecting sensitive computations from potentially compromised system software. However, recent research has shown that SGX is vulnerable to branch-shadowing…

Cryptography and Security · Computer Science 2018-10-04 Shohreh Hosseinzadeh , Hans Liljestrand , Ville Leppänen , Andrew Paverd