English
Related papers

Related papers: Constantine: Automatic Side-Channel Resistance Usi…

200 papers

The code generation modules inside modern compilers such as GCC and LLVM, which use a limited number of CPU registers to store a large number of program variables, may introduce side-channel leaks even in software equipped with…

Cryptography and Security · Computer Science 2019-02-28 Jingbo Wang , Chungha Sung , Chao Wang

Time variation during program execution can leak sensitive information. Time variations due to program control flow and hardware resource contention have been used to steal encryption keys in cipher implementations such as AES and RSA. A…

Cryptography and Security · Computer Science 2017-03-23 Zelalem Birhanu Aweke , Todd Austin

Eliminating vulnerabilities from low-level code is vital for securing software. Static analysis is a promising approach for discovering vulnerabilities since it can provide developers early feedback on the code they write. But, it presents…

Cryptography and Security · Computer Science 2016-04-07 Bhargava Shastry , Fabian Yamaguchi , Konrad Rieck , Jean-Pierre Seifert

Intel SGX is known to be vulnerable to a class of practical attacks exploiting memory access pattern side-channels, notably page-fault attacks and cache timing attacks. A promising hardening scheme is to wrap applications in hardware…

Cryptography and Security · Computer Science 2022-12-29 Yuzhe Tang , Kai Li , Yibo Wang , Jiaqi Chen , Cheng Xu

The constant-time property is considered the security standard for cryptographic code. Code following the constant-time discipline is free from secret-dependent branches and memory accesses, and thus avoids leaking secrets through cache and…

Cryptography and Security · Computer Science 2023-11-13 Matthew Kolosick , Basavesh Ammanaghatta Shivakumar , Sunjay Cauligi , Marco Patrignani , Marco Vassena , Ranjit Jhala , Deian Stefan

Secret-dependent timing behavior in cryptographic implementations has resulted in exploitable vulnerabilities, undermining their security. Over the years, numerous tools to automatically detect timing leakage or even to prove their absence…

Cryptography and Security · Computer Science 2023-04-25 Jan Wichelmann , Florian Sieck , Anna Pätschke , Thomas Eisenbarth

Speculative execution attacks undermine the security of constant-time programming, the standard technique used to prevent microarchitectural side channels in security-sensitive software such as cryptographic code. Constant-time code must…

Cryptography and Security · Computer Science 2023-12-18 Rutvik Choudhary , Alan Wang , Zirui Neil Zhao , Adam Morrison , Christopher W. Fletcher

One of the most prevalent source of side channel vulnerabilities is the secret-dependent behavior of conditional branches (SDBCB). The state-of-the-art solution relies on Constant-Time Expressions, which require high programming effort and…

Cryptography and Security · Computer Science 2020-07-30 Andrea Mondelli , Paul Gazzillo , Yan Solihin

Side-channel attacks are a security exploit that take advantage of information leakage. They use measurement and analysis of physical parameters to reverse engineer and extract secrets from a system. Power analysis attacks in particular,…

Cryptography and Security · Computer Science 2021-07-26 Yun Chen , Ali Hajiabadi , Romain Poussier , Andreas Diavastos , Shivam Bhasin , Trevor E. Carlson

Randomized, skewed caches (RSCs) such as CEASER-S have recently received much attention to defend against contention-based cache side channels. By randomizing and regularly changing the mapping(s) of addresses to cache sets, these…

Cryptography and Security · Computer Science 2022-09-30 Thomas Unterluggauer , Austin Harris , Scott Constable , Fangfei Liu , Carlos Rozas

To defeat side-channel attacks, many recent countermeasures work by enforcing random run-time variability to the target computing platform in terms of clock jitters, frequency and voltage scaling, and phase shift, also combining the…

Cryptography and Security · Computer Science 2024-09-17 Davide Galli , Adriano Guarisco , William Fornaciari , Matteo Matteucci , Davide Zoni

Security can be seen as an optimisation objective in NoC resource management, and as such poses trade-offs against other objectives such as real-time schedulability. In this paper, we show how to increase NoC resilience against a concrete…

Distributed, Parallel, and Cluster Computing · Computer Science 2016-07-13 Leandro Soares Indrusiak , James Harbin , Martha Johanna Sepulveda

This work mainly addresses continuous-time multiagent consensus networks where an adverse attacker affects the convergence performances of said protocol. In particular, we develop a novel secure-by-design approach in which the presence of a…

Systems and Control · Electrical Eng. & Systems 2025-01-30 Marco Fabris , Daniel Zelazo

Besides cryptographic secrets, side-channel attacks also leak sensitive user input. The most accurate attacks exploit cache timings or interrupt information to monitor keystroke timings and subsequently infer typed words and sentences.…

Cryptography and Security · Computer Science 2017-06-21 Michael Schwarz , Moritz Lipp , Daniel Gruss , Samuel Weiser , Clémentine Maurice , Raphael Spreitzer , Stefan Mangard

Modern processors dynamically control their operating frequency to optimize resource utilization, maximize energy savings, and conform to system-defined constraints. If, during the execution of a software workload, the running average of…

Cryptography and Security · Computer Science 2023-05-25 Chen Liu , Abhishek Chakraborty , Nikhil Chawla , Neer Roggel

Microarchitectural side channels expose unprotected software to information leakage attacks where a software adversary is able to track runtime behavior of a benign process and steal secrets such as cryptographic keys. As suggested by…

Cryptography and Security · Computer Science 2023-04-25 Jan Wichelmann , Ahmad Moghimi , Thomas Eisenbarth , Berk Sunar

Side-channel attacks have become a severe threat to the confidentiality of computer applications and systems. One popular type of such attacks is the microarchitectural attack, where the adversary exploits the hardware features to break the…

Cryptography and Security · Computer Science 2021-03-29 Xiaoxuan Lou , Tianwei Zhang , Jun Jiang , Yinqian Zhang

Static code analysis is a powerful approach to detect quality deficiencies such as performance bottlenecks, safety violations or security vulnerabilities already during a software system's implementation. Yet, as current software systems…

Software Engineering · Computer Science 2017-10-23 Eric Bodden

Power-based side-channel is a serious security threat to the System on Chip (SoC). The secret information is leaked from the power profile of the system while a cryptographic algorithm is running. The mitigation requires efforts from both…

Cryptography and Security · Computer Science 2021-07-06 Pantea Kiaei , Yuan Yao , Patrick Schaumont

We propose a method, based on program analysis and transformation, for eliminating timing side channels in software code that implements security-critical applications. Our method takes as input the original program together with a list of…

Cryptography and Security · Computer Science 2018-07-24 Meng Wu , Shengjian Guo , Patrick Schaumont , Chao Wang