English
Related papers

Related papers: Clueless: A Tool Characterising Values Leaking as …

200 papers

This work presents a new tool to verify the correctness of cryptographic implementations with respect to cache attacks. Our methodology discovers vulnerabilities that are hard to find with other techniques, observed as exploitable leakage.…

Cryptography and Security · Computer Science 2017-09-07 Gorka Irazoqui , Kai Cong , Xiaofei Guo , Hareesh Khattri , Arun Kanuparthi , Thomas Eisenbarth , Berk Sunar

Cache side-channel attacks extract secrets by examining how victim software accesses cache. To date, practical attacks on cryptosystems and media libraries are demonstrated under different scenarios, inferring secret keys and reconstructing…

Cryptography and Security · Computer Science 2022-10-04 Yuanyuan Yuan , Zhibo Liu , Shuai Wang

Spectre attacks disclosed in early 2018 expose data leakage scenarios via cache side channels. Specifically, speculatively executed paths due to branch mis-prediction may bring secret data into the cache which are then exposed via cache…

Cryptography and Security · Computer Science 2020-05-26 Guanhua Wang , Sudipta Chattopadhyay , Arnab Kumar Biswas , Tulika Mitra , Abhik Roychoudhury

Cache timing attacks allow attackers to infer the properties of a secret execution by observing cache hits and misses. But how much information can actually leak through such attacks? For a given program, a cache model, and an input, our…

Cryptography and Security · Computer Science 2016-11-15 Sudipta Chattopadhyay , Moritz Beck , Ahmed Rezine , Andreas Zeller

Cache-based side channels enable a dedicated attacker to reveal program secrets by measuring the cache access patterns. Practical attacks have been shown against real-world crypto algorithm implementations such as RSA, AES, and ElGamal. By…

Cryptography and Security · Computer Science 2019-06-03 Shuai Wang , Yuyan Bao , Xiao Liu , Pei Wang , Danfeng Zhang , Dinghao Wu

While cryptographic algorithms such as the ubiquitous Advanced Encryption Standard (AES) are secure, *physical implementations* of these algorithms in hardware inevitably 'leak' sensitive data such as cryptographic keys. A particularly…

Machine Learning · Computer Science 2026-03-26 Jimmy Gammell , Anand Raghunathan , Abolfazl Hashemi , Kaushik Roy

Side channel attacks steal secret keys by cleverly leveraging information leakages and can, therefore, break encryption. Thus, detection and mitigation of side channel attacks is a very important problem, but the solutions proposed in the…

Cryptography and Security · Computer Science 2020-10-28 Sharjeel Khan , Girish Mururu , Santosh Pande

Cryptographic algorithms like AES and RSA are widely used and they are mathematically robust and almost unbreakable but its implementation on physical devices often leak information through side channels, such as electromagnetic (EM)…

Cryptography and Security · Computer Science 2025-08-19 Mukesh Poudel , Nick Rahimi

To meet the ever-growing need for performance in silicon devices, SoC providers have been increasingly relying on software-hardware cooperation. By controlling hardware resources such as power or clock management from the software,…

Cryptography and Security · Computer Science 2021-11-03 Joseph Gravellier , Jean-Max Dutertre , Yannick Teglia , Philippe Loubet Moundi

Power analysis is a branch of side channel attacks where power consumption data is used as the side channel to attack the system. First using a device like an oscilloscope power traces are collected when the cryptographic device is doing…

Cryptography and Security · Computer Science 2018-01-04 Hasindu Gamaarachchi , Harsha Ganegoda

Trusted Execution Environments (TEEs) are gradually adopted by major cloud providers, offering a practical option of \emph{confidential computing} for users who don't fully trust public clouds. TEEs use CPU-enabled hardware features to…

Cryptography and Security · Computer Science 2023-08-15 AKM Mubashwir Alam , Keke Chen

A unified modeling framework for non-functional properties of a program is essential for research in software analysis and verification, since it reduces burdens on individual researchers to implement new approaches and compare existing…

Software Engineering · Computer Science 2018-07-11 Chungha Sung , Brandon Paulsen , Chao Wang

Timing side-channel attacks exploit variations in program execution time to recover sensitive information. Cryptographic implementations are especially vulnerable to these attacks, since even small timing differences in operations such as…

Cryptography and Security · Computer Science 2026-04-21 Nges Brian Njungle , Edwin P. Kayang , Mishel J. Paul , Michel A. Kinsy

Recent studies highlighting the vulnerability of computer architecture to information leakage attacks have been a cause of significant concern. Among the various classes of microarchitectural attacks, cache timing channels are especially…

Cryptography and Security · Computer Science 2019-02-14 Fan Yao , Hongyu Fang , Milos Doroslovacki , Guru Venkataramani

Discovering new vulnerabilities and implementing security and privacy measures are important to protect systems and data against physical attacks. One such vulnerability is impedance, an inherent property of a device that can be exploited…

Cryptography and Security · Computer Science 2023-12-15 Md Sadik Awal , Md Tauhidur Rahman

Accelerators used for machine learning (ML) inference provide great performance benefits over CPUs. Securing confidential model in inference against off-chip side-channel attacks is critical in harnessing the performance advantage in…

Cryptography and Security · Computer Science 2021-10-15 Sarbartha Banerjee , Shijia Wei , Prakash Ramrakhyani , Mohit Tiwari

Recently, the IaaS (Infrastructure as a Service) Cloud (e.g., Amazon EC2) has been widely used by many organizations. However, some IaaS security issues create serious threats to its users. A typical issue is the timing channel. This kind…

Cryptography and Security · Computer Science 2018-04-06 Xiao Fu , Rui Yang , Xiaojiang Du , Bin Luo

Trusted execution environments (TEEs) provide an environment for running workloads in the cloud without having to trust cloud service providers, by offering additional hardware-assisted security guarantees. However, main memory encryption…

Cryptography and Security · Computer Science 2023-09-25 Jan Wichelmann , Anna Pätschke , Luca Wilke , Thomas Eisenbarth

Open-source software serves as a foundation for the internet and the cyber supply chain, but its exploitation is becoming increasingly prevalent. While advances in vulnerability detection for OSS have been significant, prior research has…

Cryptography and Security · Computer Science 2024-12-02 Zhuoran Tan , Christos Anagnosstopoulos , Jeremy Singer

The identification of vulnerabilities is an important element in the software development life cycle to ensure the security of software. While vulnerability identification based on the source code is a well studied field, the identification…

Cryptography and Security · Computer Science 2022-12-05 Andreas Schaad , Dominik Binder
‹ Prev 1 2 3 10 Next ›