English
Related papers

Related papers: Prime+Probe 1, JavaScript 0: Overcoming Browser-ba…

200 papers

Besides cryptographic secrets, side-channel attacks also leak sensitive user input. The most accurate attacks exploit cache timings or interrupt information to monitor keystroke timings and subsequently infer typed words and sentences.…

Cryptography and Security · Computer Science 2017-06-21 Michael Schwarz , Moritz Lipp , Daniel Gruss , Samuel Weiser , Clémentine Maurice , Raphael Spreitzer , Stefan Mangard

Cache randomization has recently been revived as a promising defense against conflict-based cache side-channel attacks. As two of the latest implementations, CEASER-S and ScatterCache both claim to thwart conflict-based cache side-channel…

Cryptography and Security · Computer Science 2021-11-30 Wei Song , Boya Li , Zihan Xue , Zhenzhen Li , Wenhao Wang , Peng Liu

Secret-dependent timing behavior in cryptographic implementations has resulted in exploitable vulnerabilities, undermining their security. Over the years, numerous tools to automatically detect timing leakage or even to prove their absence…

Cryptography and Security · Computer Science 2023-04-25 Jan Wichelmann , Florian Sieck , Anna Pätschke , Thomas Eisenbarth

Browser fingerprinting enables persistent cross-site user tracking via subtle techniques that often evade conventional defenses or cause website breakage when script-level blocking countermeasures are applied. Addressing these challenges…

Cryptography and Security · Computer Science 2025-09-15 Pouneh Nikkhah Bahrami , Dylan Cutler , Igor Bilogrevic

Side-channel attacks on microprocessors, like the RISC-V, exhibit security vulnerabilities that lead to several design challenges. Hence, it is imperative to study and analyze these security vulnerabilities comprehensively. In this paper,…

Cryptography and Security · Computer Science 2021-06-17 Mahya Morid Ahmadi , Faiq Khalid , Muhammad Shafique

Cache attacks exploit memory access patterns of cryptographic implementations. Constant-Time implementation techniques have become an indispensable tool in fighting cache timing attacks. These techniques engineer the memory accesses of…

Cryptography and Security · Computer Science 2018-11-20 Ahmad Moghimi , Thomas Eisenbarth , Berk Sunar

In the recent past, we have witnessed the shift towards attacks on the microarchitectural CPU level. In particular, cache side-channels play a predominant role as they allow an attacker to exfiltrate secret information by exploiting the CPU…

Cryptography and Security · Computer Science 2022-08-19 Jan Philipp Thoma , Christian Niesler , Dominic Funke , Gregor Leander , Pierre Mayr , Nils Pohl , Lucas Davi , Tim Güneysu

The power consumption of a microprocessor is a huge channel for information leakage. While the most popular exploitation of this channel is to recover cryptographic keys from embedded devices, other applications such as mobile app…

Cryptography and Security · Computer Science 2021-08-27 Muhammad Arsath K F , Vinod Ganesan , Rahul Bodduna , Chester Rebeiro

CPU caches introduce variations into the execution time of programs that can be exploited by adversaries to recover private information about users or cryptographic keys. Establishing the security of countermeasures against this threat…

Cryptography and Security · Computer Science 2017-05-12 Goran Doychev , Boris Köpf

This paper investigates an emerging cache side channel attack defense approach involving the use of hardware performance counters (HPCs). These counters monitor microarchitectural events and analyze statistical deviations to differentiate…

Cryptography and Security · Computer Science 2023-12-18 William Kosasih

Cryptojacking is the permissionless use of a target device to covertly mine cryptocurrencies. With cryptojacking, attackers use malicious JavaScript codes to force web browsers into solving proof-of-work puzzles, thus making money by…

Cryptography and Security · Computer Science 2023-04-27 Muhammad Saad , David Mohaisen

Recent work has shown that out-of-order and speculative execution mechanisms used to increase performance in the majority of processors expose the processors to critical attacks. These attacks, called Meltdown and Spectre, exploit the side…

Cryptography and Security · Computer Science 2025-11-25 Subhash Sethumurugan , Hari Cherupalli , Kangjie Lu , John Sartori

While JavaScript established itself as a cornerstone of the modern web, it also constitutes a major tracking and security vector, thus raising critical privacy and security concerns. In this context, some browser extensions propose to…

Cryptography and Security · Computer Science 2023-01-26 Romain Fouquet , Pierre Laperdrix , Romain Rouvoy

Power side-channel attacks are a very effective cryptanalysis technique that can infer secret keys of security ICs by monitoring the power consumption. Since the emergence of practical attacks in the late 90s, they have been a major threat…

Cryptography and Security · Computer Science 2016-05-04 Lu Zhang , Luis Vega , Michael Taylor

Microarchitectural side channel attacks have been very prominent in security research over the last few years. Caches have been an outstanding covert channel, as they provide high resolution and generic cross-core leakage even with simple…

Cryptography and Security · Computer Science 2020-08-28 Samira Briongos , Ida Bruhns , Pedro Malagón , Thomas Eisenbarth , José M. Moya

We systematize software side-channel attacks with a focus on vulnerabilities and countermeasures in the cryptographic implementations. Particularly, we survey past research literature to categorize vulnerable implementations, and identify…

Cryptography and Security · Computer Science 2019-12-13 Tianwei Zhang , Jun Jiang , Yinqian Zhang

Website fingerprinting attack is an extensively studied technique used in a web browser to analyze traffic patterns and thus infer confidential information about users. Several website fingerprinting attacks based on machine learning and…

Cryptography and Security · Computer Science 2023-02-28 Guodong Huang , Chuan Ma , Ming Ding , Yuwen Qian , Chunpeng Ge , Liming Fang , Zhe Liu

Trusted execution environments (TEEs) provide an environment for running workloads in the cloud without having to trust cloud service providers, by offering additional hardware-assisted security guarantees. However, main memory encryption…

Cryptography and Security · Computer Science 2023-09-25 Jan Wichelmann , Anna Pätschke , Luca Wilke , Thomas Eisenbarth

Randomized, skewed caches (RSCs) such as CEASER-S have recently received much attention to defend against contention-based cache side channels. By randomizing and regularly changing the mapping(s) of addresses to cache sets, these…

Cryptography and Security · Computer Science 2022-09-30 Thomas Unterluggauer , Austin Harris , Scott Constable , Fangfei Liu , Carlos Rozas

Recent work has introduced attacks that extract the architecture information of deep neural networks (DNN), as this knowledge enhances an adversary's capability to conduct black-box attacks against the model. This paper presents the first…

Cryptography and Security · Computer Science 2020-02-03 Sanghyun Hong , Michael Davinroy , Yiǧitcan Kaya , Stuart Nevans Locke , Ian Rackow , Kevin Kulda , Dana Dachman-Soled , Tudor Dumitraş