A survey of microarchitectural side-channel vulnerabilities, attacks, and defenses in cryptography
Side-channel attacks have become a severe threat to the confidentiality of computer
applications and systems. One popular type of such attacks is the microarchitectural attack …
applications and systems. One popular type of such attacks is the microarchitectural attack …
Port contention for fun and profit
AC Aldaya, BB Brumley, S ul Hassan… - … IEEE Symposium on …, 2019 - ieeexplore.ieee.org
Simultaneous Multithreading (SMT) architectures are attractive targets for side-channel
enabled attackers, with their inherently broader attack surface that exposes more per …
enabled attackers, with their inherently broader attack surface that exposes more per …
Dragonblood: Analyzing the Dragonfly Handshake of WPA3 and EAP-pwd
The WPA3 certification aims to secure home networks, while EAP-pwd is used by certain
enterprise Wi-Fi networks to authenticate users. Both use the Dragonfly handshake to …
enterprise Wi-Fi networks to authenticate users. Both use the Dragonfly handshake to …
{TPM-FAIL}:{TPM} meets Timing and Lattice Attacks
Trusted Platform Module (TPM) serves as a hardware-based root of trust that protects
cryptographic keys from privileged system and physical adversaries. In this work, we perform …
cryptographic keys from privileged system and physical adversaries. In this work, we perform …
“They're not that hard to mitigate”: What cryptographic library developers think about timing attacks
Timing attacks are among the most devastating side-channel attacks, allowing remote
attackers to retrieve secret material, including cryptographic keys, with relative ease. In …
attackers to retrieve secret material, including cryptographic keys, with relative ease. In …
Binsec/rel: Efficient relational symbolic execution for constant-time at binary-level
The constant-time programming discipline (CT) is an efficient countermeasure against timing
side-channel attacks, requiring the control flow and the memory accesses to be independent …
side-channel attacks, requiring the control flow and the memory accesses to be independent …
A systematic evaluation of automated tools for side-channel vulnerabilities detection in cryptographic libraries
A Geimer, M Vergnolle, F Recoules, LA Daniel… - Proceedings of the …, 2023 - dl.acm.org
To protect cryptographic implementations from side-channel vulnerabilities, developers must
adopt constant-time programming practices. As these can be error-prone, many side …
adopt constant-time programming practices. As these can be error-prone, many side …
{CopyCat}: Controlled {Instruction-Level} attacks on enclaves
The adversarial model presented by trusted execution environments (TEEs) has prompted
researchers to investigate unusual attack vectors. One particularly powerful class of …
researchers to investigate unusual attack vectors. One particularly powerful class of …
{RELOAD+ REFRESH}: Abusing Cache Replacement Policies to Perform Stealthy Cache Attacks
Caches have become the prime method for unintended information extraction across logical
isolation boundaries. They are widely available on all major CPU platforms and, as a side …
isolation boundaries. They are widely available on all major CPU platforms and, as a side …
Rapid prototyping for microarchitectural attacks
In recent years, microarchitectural attacks have been demonstrated to be a powerful attack
class. However, as our empirical analysis shows, there are numerous implementation …
class. However, as our empirical analysis shows, there are numerous implementation …