[PDF][PDF] 侧信道攻击与防御技术研究进展
王永娟, 樊昊鹏, 代政一, 袁庆军, 王相宾 - 计算机学报, 2023 - 159.226.43.17
摘要侧信道攻击利用密码实现的物理泄露而不是理论弱点来恢复密钥, 对密码系统的安全实现有
严重的现实威胁. 密码设备运行时所产生的能量, 电磁, 缓存和故障输出等侧信息均可能导致密钥 …
严重的现实威胁. 密码设备运行时所产生的能量, 电磁, 缓存和故障输出等侧信息均可能导致密钥 …
Cryptographic accelerators for digital signature based on Ed25519
M Bisheh-Niasar, R Azarderakhsh… - … Transactions on Very …, 2021 - ieeexplore.ieee.org
This article presents highly optimized implementations of the Ed25519 digital signature
algorithm [Edwards curve digital signature algorithm (EdDSA)]. This algorithm significantly …
algorithm [Edwards curve digital signature algorithm (EdDSA)]. This algorithm significantly …
Prime+ Scope: Overcoming the observer effect for high-precision cache contention attacks
Modern processors expose software to information leakage through shared
microarchitectural state. One of the most severe leakage channels is cache contention …
microarchitectural state. One of the most severe leakage channels is cache contention …
Jolt: Recovering tls signing keys via rowhammer faults
Digital Signature Schemes such as DSA, ECDSA, and RSA are widely deployed to protect
the integrity of security protocols such as TLS, SSH, and IPSec. In TLS, for instance, RSA …
the integrity of security protocols such as TLS, SSH, and IPSec. In TLS, for instance, RSA …
Constantine: Automatic side-channel resistance using efficient control and data flow linearization
In the era of microarchitectural side channels, vendors scramble to deploy mitigations for
transient execution attacks, but leave traditional side-channel attacks against sensitive …
transient execution attacks, but leave traditional side-channel attacks against sensitive …
The provable security of ed25519: theory and practice
A standard requirement for a signature scheme is that it is existentially unforgeable under
chosen message attacks (EUF-CMA), alongside other properties of interest such as strong …
chosen message attacks (EUF-CMA), alongside other properties of interest such as strong …
A systematic evaluation of automated tools for side-channel vulnerabilities detection in cryptographic libraries
A Geimer, M Vergnolle, F Recoules, LA Daniel… - Proceedings of the …, 2023 - dl.acm.org
To protect cryptographic implementations from side-channel vulnerabilities, developers must
adopt constant-time programming practices. As these can be error-prone, many side …
adopt constant-time programming practices. As these can be error-prone, many side …
Safe curves for elliptic-curve cryptography
DJ Bernstein, T Lange - Cryptology ePrint Archive, 2024 - eprint.iacr.org
Safe curves for elliptic-curve cryptography Page 1 Safe curves for elliptic-curve cryptography
Daniel J. Bernstein1,2 and Tanja Lange3,2 1 University of Illinois at Chicago, USA 2 Academia …
Daniel J. Bernstein1,2 and Tanja Lange3,2 1 University of Illinois at Chicago, USA 2 Academia …
Don't mesh around:{Side-Channel} attacks and mitigations on mesh interconnects
M Dai, R Paccagnella, M Gomez-Garcia… - 31st USENIX Security …, 2022 - usenix.org
This paper studies microarchitectural side-channel attacks and mitigations on the on-chip
mesh interconnect used in modern, server-class Intel processors. We find that, though …
mesh interconnect used in modern, server-class Intel processors. We find that, though …
DVFS frequently leaks secrets: Hertzbleed attacks beyond SIKE, cryptography, and CPU-only data
Y Wang, R Paccagnella, A Wandke… - … IEEE Symposium on …, 2023 - ieeexplore.ieee.org
The recent Hertzbleed disclosure demonstrates how remote-timing analysis can reveal
secret information previously only accessible to local-power analysis. At worst, this …
secret information previously only accessible to local-power analysis. At worst, this …