Timing Side-Channel Attacks and Countermeasures in CPU Microarchitectures
Microarchitectural vulnerabilities, such as Meltdown and Spectre, exploit subtle
microarchitecture state to steal the user's secret data and even compromise the operating …
microarchitecture state to steal the user's secret data and even compromise the operating …
Synchronization Storage Channels ({{{{{S2C)}}}}}: Timer-less Cache {Side-Channel} Attacks on the Apple M1 via Hardware Synchronization Instructions
Shared caches have been a prime target for mounting crossprocess/core side-channel
attacks. Fundamentally, these attacks require a mechanism to accurately observe changes …
attacks. Fundamentally, these attacks require a mechanism to accurately observe changes …
Ileakage: Browser-based timerless speculative execution attacks on apple devices
Over the past few years, the high-end CPU market is undergoing a transformational change.
Moving away from using x86 as the sole architecture for high performance devices, we have …
Moving away from using x86 as the sole architecture for high performance devices, we have …
A security RISC: microarchitectural attacks on hardware RISC-V CPUs
Microarchitectural attacks threaten the security of computer systems even in the absence of
software vulnerabilities. Such attacks are well explored on x86 and ARM CPUs, with a wide …
software vulnerabilities. Such attacks are well explored on x86 and ARM CPUs, with a wide …
{Invalidate+ Compare}: A {Timer-Free}{GPU} Cache Attack Primitive
While extensive research has been conducted on CPU cache side-channel attacks, the
landscape of similar studies on modern GPUs remains largely uncharted. In this paper, we …
landscape of similar studies on modern GPUs remains largely uncharted. In this paper, we …
Bending microarchitectural weird machines towards practicality
A large body of work has demonstrated attacks that rely on the difference between CPUs'
nominal instruction set architectures and their actual (microarchitectural) implementations …
nominal instruction set architectures and their actual (microarchitectural) implementations …
Secret Spilling Drive: Leaking User Behavior through SSD Contention
J Juffinger, F Rauscher… - Network and …, 2025 - graz.elsevierpure.com
Covert channels and side channels bypass architectural security boundaries. Numerous
works have studied covert channels and side channels in software and hardware. Thus …
works have studied covert channels and side channels in software and hardware. Thus …
TDXdown: Single-Stepping and Instruction Counting Attacks against Intel TDX
L Wilke, F Sieck, T Eisenbarth - Proceedings of the 2024 on ACM …, 2024 - dl.acm.org
Trusted Execution Environments are a promising solution for solving the data privacy and
trust issues introduced by cloud computing. As a result, all major CPU vendors integrated …
trust issues introduced by cloud computing. As a result, all major CPU vendors integrated …
Gaussian Elimination of Side-channels: Linear algebra for memory coloring
Memory coloring is a software-based technique to ensure microarchitectural isolation
between trust domains sharing a CPU. Prior coloring schemes target individual …
between trust domains sharing a CPU. Prior coloring schemes target individual …
Cross-Core Interrupt Detection: Exploiting User and Virtualized IPIs
F Rauscher, D Gruss - Proceedings of the 2024 on ACM SIGSAC …, 2024 - dl.acm.org
Interrupts are fundamental for inter-process and cross-core communication in modern
systems. Controlling these communication mechanisms historically requires switches into …
systems. Controlling these communication mechanisms historically requires switches into …