English
Related papers

Related papers: Automated Side-Channel Analysis of Cryptographic P…

200 papers

Microarchitectural side channels expose unprotected software to information leakage attacks where a software adversary is able to track runtime behavior of a benign process and steal secrets such as cryptographic keys. As suggested by…

Cryptography and Security · Computer Science 2023-04-25 Jan Wichelmann , Ahmad Moghimi , Thomas Eisenbarth , Berk Sunar

We introduce CryptoBap, a platform to verify weak secrecy and authentication for the (ARMv8 and RISC-V) machine code of cryptographic protocols. We achieve this by first transpiling the binary of protocols into an intermediate…

Cryptography and Security · Computer Science 2023-09-19 Faezeh Nasrabadi , Robert Künnemann , Hamed Nemati

Cache-based side channels enable a dedicated attacker to reveal program secrets by measuring the cache access patterns. Practical attacks have been shown against real-world crypto algorithm implementations such as RSA, AES, and ElGamal. By…

Cryptography and Security · Computer Science 2019-06-03 Shuai Wang , Yuyan Bao , Xiao Liu , Pei Wang , Danfeng Zhang , Dinghao Wu

We systematize software side-channel attacks with a focus on vulnerabilities and countermeasures in the cryptographic implementations. Particularly, we survey past research literature to categorize vulnerable implementations, and identify…

Cryptography and Security · Computer Science 2019-12-13 Tianwei Zhang , Jun Jiang , Yinqian Zhang

Although cryptographic algorithms may be mathematically secure, it is often possible to leak secret information from the implementation of the algorithms. Timing and power side-channel vulnerabilities are some of the most widely considered…

Cryptography and Security · Computer Science 2023-10-31 Ferhat Erata , Ruzica Piskac , Victor Mateu , Jakub Szefer

Secret-dependent timing behavior in cryptographic implementations has resulted in exploitable vulnerabilities, undermining their security. Over the years, numerous tools to automatically detect timing leakage or even to prove their absence…

Cryptography and Security · Computer Science 2023-04-25 Jan Wichelmann , Florian Sieck , Anna Pätschke , Thomas Eisenbarth

To protect cryptographic implementations from side-channel vulnerabilities, developers must adopt constant-time programming practices. As these can be error-prone, many side-channel detection tools have been proposed. Despite this, such…

Cryptography and Security · Computer Science 2023-10-13 Antoine Geimer , Mathéo Vergnolle , Frédéric Recoules , Lesly-Ann Daniel , Sébastien Bardin , Clémentine Maurice

Side-channel attacks have become a severe threat to the confidentiality of computer applications and systems. One popular type of such attacks is the microarchitectural attack, where the adversary exploits the hardware features to break the…

Cryptography and Security · Computer Science 2021-03-29 Xiaoxuan Lou , Tianwei Zhang , Jun Jiang , Yinqian Zhang

Cache side-channel attacks extract secrets by examining how victim software accesses cache. To date, practical attacks on cryptosystems and media libraries are demonstrated under different scenarios, inferring secret keys and reconstructing…

Cryptography and Security · Computer Science 2022-10-04 Yuanyuan Yuan , Zhibo Liu , Shuai Wang

Cache timing attacks allow third-party observers to retrieve sensitive information from program executions. But, is it possible to automatically check the vulnerability of a program against cache timing attacks and then, automatically…

Software Engineering · Computer Science 2018-07-23 Sudipta Chattopadhyay , Abhik Roychoudhury

Based on our previous work on truly concurrent process algebras APTC, we use it to verify the security protocols. This work (called Secure APTC, abbreviated SAPTC) have the following advantages in verifying security protocols: (1) It has a…

Logic in Computer Science · Computer Science 2021-10-26 Yong Wang

Quantum protocols such as the BB84 Quantum Key Distribution protocol exchange qubits to achieve information-theoretic security guarantees. Many variants thereof were proposed, some of them being already deployed. Existing security proofs in…

Cryptography and Security · Computer Science 2019-04-11 Lucca Hirschi

Side channel attacks have emerged as a serious threat to the security of both networked and embedded systems -- in particular through the implementations of cryptographic operations. Side channels can be difficult to model formally, but…

Cryptography and Security · Computer Science 2009-12-16 Josef Svenningsson , David Sands

Observational models make tractable the analysis of information flow properties by providing an abstraction of side channels. We introduce a methodology and a tool, Scam-V, to validate observational models for modern computer architectures.…

Cryptography and Security · Computer Science 2020-05-12 Hamed Nemati , Pablo Buiras , Andreas Lindner , Roberto Guanciale , Swen Jacobs

We demonstrate that the format in which private keys are persisted impacts Side Channel Analysis (SCA) security. Surveying several widely deployed software libraries, we investigate the formats they support, how they parse these keys, and…

Cryptography and Security · Computer Science 2020-04-02 Cesar Pereida García , Sohaib ul Hassan , Nicola Tuveri , Iaroslav Gridin , Alejandro Cabrera Aldaya , Billy Bob Brumley

The widespread adoption of TLS 1.3 and QUIC has rendered payload content invisible, shifting traffic analysis toward side-channel features. However, rigorous justification for why side-channel leakage is inevitable in encrypted…

Cryptography and Security · Computer Science 2026-02-17 Guangjie Liu , Guang Chen , Weiwei Liu

Rigorous quantitative evaluation of microarchitectural side channels is challenging for two reasons. First, the processors, attacks, and defenses often exhibit probabilistic behaviors. These probabilistic behaviors arise due to natural…

Cryptography and Security · Computer Science 2025-10-06 Weihang Li , Pete Crowley , Arya Tschand , Yu Wang , Miroslav Pajic , Daniel Sorin

The wiretap channel is a setting where one aims to provide information-theoretic privacy of communicated data based solely on the assumption that the channel from sender to adversary is "noisier" than the channel from sender to receiver. It…

Information Theory · Computer Science 2015-03-20 Mihir Bellare , Stefano Tessaro , Alexander Vardy

Security protocols often use randomization to achieve probabilistic non-determinism. This non-determinism, in turn, is used in obfuscating the dependence of observable values on secret data. Since the correctness of security protocols is…

Cryptography and Security · Computer Science 2009-06-30 Susmit Jha

Verification of microkernels, device drivers, and crypto routines requires analyses at the binary level. In order to automate these analyses, in the last years several binary analysis platforms have been introduced. These platforms share a…

Programming Languages · Computer Science 2019-01-23 Andreas Lindner , Roberto Guanciale , Roberto Metere
‹ Prev 1 2 3 10 Next ›