Security vulnerabilities of SGX and countermeasures: A survey
Trusted Execution Environments (TEEs) have been widely used in many security-critical
applications. The popularity of TEEs derives from its high security and trustworthiness …
A survey of microarchitectural side-channel vulnerabilities, attacks, and defenses in cryptography
Side-channel attacks have become a severe threat to the confidentiality of computer
applications and systems. One popular type of such attacks is the microarchitectural attack …
PLATYPUS: Software-based power side-channel attacks on x86
Power side-channel attacks exploit variations in power consumption to extract secrets from a
device, e.g., cryptographic keys. Prior attacks typically required physical access to the target …
Software grand exposure: SGX cache attacks are practical
F Brasser, U Müller, A Dmitrienko… - 11th USENIX workshop …, 2017 - usenix.org
Intel SGX isolates the memory of security-critical applications from the untrusted OS.
However, it has been speculated that SGX may be vulnerable to side-channel attacks …
Translation leak-aside buffer: Defeating cache side-channel protections with TLB attacks
To stop side channel attacks on CPU caches that have allowed attackers to leak secret
information and break basic security mechanisms, the security community has developed a …
A survey of microarchitectural timing attacks and countermeasures on contemporary hardware
Microarchitectural timing channels expose hidden hardware states through timing. We survey
recent attacks that exploit microarchitectural features in shared hardware, especially as they …
Cache telepathy: Leveraging shared resource attacks to learn DNN architectures
Deep Neural Networks (DNNs) are fast becoming ubiquitous for their ability to attain good
accuracy in various machine learning tasks. A DNN's architecture (i.e., its hyperparameters) …
Port contention for fun and profit
AC Aldaya, BB Brumley, S ul Hassan… - … IEEE Symposium on …, 2019 - ieeexplore.ieee.org
Simultaneous Multithreading (SMT) architectures are attractive targets for side-channel
enabled attackers, with their inherently broader attack surface that exposes more per …
Rambleed: Reading bits in memory without accessing them
The Rowhammer bug is a reliability issue in DRAM cells that can enable an unprivileged
adversary to flip the values of bits in neighboring rows on the memory module. Previous …
Post-quantum TLS without handshake signatures
We present KEMTLS, an alternative to the TLS 1.3 handshake that uses key-encapsulation
mechanisms (KEMs) instead of signatures for server authentication. Among existing post …