A survey of microarchitectural side-channel vulnerabilities, attacks, and defenses in cryptography
Side-channel attacks have become a severe threat to the confidentiality of computer
applications and systems. One popular type of such attacks is the microarchitectural attack …
applications and systems. One popular type of such attacks is the microarchitectural attack …
{ScatterCache}: thwarting cache attacks via cache set randomization
Cache side-channel attacks can be leveraged as a building block in attacks leaking secrets
even in the absence of software bugs. Currently, there are no practical and generic …
even in the absence of software bugs. Currently, there are no practical and generic …
{AMD} prefetch attacks through power and time
Modern operating systems fundamentally rely on the strict isolation of user applications from
the kernel. This isolation is enforced by the hardware. On Intel CPUs, this isolation has been …
the kernel. This isolation is enforced by the hardware. On Intel CPUs, this isolation has been …
“They're not that hard to mitigate”: What cryptographic library developers think about timing attacks
Timing attacks are among the most devastating side-channel attacks, allowing remote
attackers to retrieve secret material, including cryptographic keys, with relative ease. In …
attackers to retrieve secret material, including cryptographic keys, with relative ease. In …
[PDF][PDF] ABSynthe: Automatic Blackbox Side-channel Synthesis on Commodity Microarchitectures.
The past decade has seen a plethora of side-channel attacks on various CPU components.
Each new attack typically follows a whitebox analysis approach, which involves (i) …
Each new attack typically follows a whitebox analysis approach, which involves (i) …
Constantine: Automatic side-channel resistance using efficient control and data flow linearization
In the era of microarchitectural side channels, vendors scramble to deploy mitigations for
transient execution attacks, but leave traditional side-channel attacks against sensitive …
transient execution attacks, but leave traditional side-channel attacks against sensitive …
A systematic evaluation of automated tools for side-channel vulnerabilities detection in cryptographic libraries
A Geimer, M Vergnolle, F Recoules, LA Daniel… - Proceedings of the …, 2023 - dl.acm.org
To protect cryptographic implementations from side-channel vulnerabilities, developers must
adopt constant-time programming practices. As these can be error-prone, many side …
adopt constant-time programming practices. As these can be error-prone, many side …
Microwalk: A framework for finding side channels in binaries
Microarchitectural side channels expose unprotected software to information leakage
attacks where a software adversary is able to track runtime behavior of a benign process …
attacks where a software adversary is able to track runtime behavior of a benign process …
Rapid prototyping for microarchitectural attacks
In recent years, microarchitectural attacks have been demonstrated to be a powerful attack
class. However, as our empirical analysis shows, there are numerous implementation …
class. However, as our empirical analysis shows, there are numerous implementation …
Hardware-assisted mechanisms to enforce control flow integrity: A comprehensive survey
S Kumar, D Moolchandani, SR Sarangi - Journal of Systems Architecture, 2022 - Elsevier
Today, a vast amount of sensitive data worth millions of dollars is processed in untrusted
data centers; hence, the confidentiality and integrity of the code and data are of paramount …
data centers; hence, the confidentiality and integrity of the code and data are of paramount …