A survey of microarchitectural side-channel vulnerabilities, attacks, and defenses in cryptography
Side-channel attacks have become a severe threat to the confidentiality of computer
applications and systems. One popular type of such attacks is the microarchitectural attack …
applications and systems. One popular type of such attacks is the microarchitectural attack …
Timing Side-Channel Attacks and Countermeasures in CPU Microarchitectures
Microarchitectural vulnerabilities, such as Meltdown and Spectre, exploit subtle
microarchitecture state to steal the user's secret data and even compromise the operating …
microarchitecture state to steal the user's secret data and even compromise the operating …
Crosstalk: Speculative data leaks across cores are real
Recent transient execution attacks have demonstrated that attackers may leak sensitive
information across security boundaries on a shared CPU core. Up until now, it seemed …
information across security boundaries on a shared CPU core. Up until now, it seemed …
Downfall: Exploiting speculative data gathering
D Moghimi - 32nd USENIX Security Symposium (USENIX Security …, 2023 - usenix.org
We introduce Downfall attacks, new transient execution attacks that undermine the security
of computers running everywhere across the internet. We exploit the gather instruction on …
of computers running everywhere across the internet. We exploit the gather instruction on …
{AEX-Notify}: Thwarting Precise {Single-Stepping} Attacks through Interrupt Awareness for Intel {SGX} Enclaves
Intel® Software Guard Extensions (Intel® SGX) supports the creation of shielded enclaves
within unprivileged processes. While enclaves are architecturally protected against …
within unprivileged processes. While enclaves are architecturally protected against …
Constantine: Automatic side-channel resistance using efficient control and data flow linearization
In the era of microarchitectural side channels, vendors scramble to deploy mitigations for
transient execution attacks, but leave traditional side-channel attacks against sensitive …
transient execution attacks, but leave traditional side-channel attacks against sensitive …
Rapid prototyping for microarchitectural attacks
In recent years, microarchitectural attacks have been demonstrated to be a powerful attack
class. However, as our empirical analysis shows, there are numerous implementation …
class. However, as our empirical analysis shows, there are numerous implementation …
There's always a bigger fish: a clarifying analysis of a machine-learning-assisted side-channel attack
Machine learning has made it possible to mount powerful attacks through side channels that
have traditionally been seen as challenging to exploit. However, due to the black-box nature …
have traditionally been seen as challenging to exploit. However, due to the black-box nature …
Microwalk-CI: Practical side-channel analysis for JavaScript applications
J Wichelmann, F Sieck, A Pätschke… - Proceedings of the 2022 …, 2022 - dl.acm.org
Secret-dependent timing behavior in cryptographic implementations has resulted in
exploitable vulnerabilities, undermining their security. Over the years, numerous tools to …
exploitable vulnerabilities, undermining their security. Over the years, numerous tools to …
{HyperEnclave}: An open and cross-platform trusted execution environment
A number of trusted execution environments (TEEs) have been proposed by both academia
and industry. However, most of them require specific hardware or firmware changes and are …
and industry. However, most of them require specific hardware or firmware changes and are …