Prospect: Provably secure speculation for the constant-time policy (extended version)
We propose ProSpeCT, a generic formal processor model providing provably secure
speculation for the constant-time policy. For constant-time programs under a non …
speculation for the constant-time policy. For constant-time programs under a non …
MAMBO–V: Dynamic Side-Channel Leakage Analysis on RISC–V
J Wichelmann, C Peredy, F Sieck, A Pätschke… - … on Detection of …, 2023 - Springer
RISC–V is an emerging technology, with applications ranging from embedded devices to
high-performance servers. Therefore, more and more security-critical workloads will be …
high-performance servers. Therefore, more and more security-critical workloads will be …
{CipherH}: Automated Detection of Ciphertext Side-channel Vulnerabilities in Cryptographic Implementations
The ciphertext side channel is a new type of side channels that exploits deterministic
memory encryption of trusted execution environments (TEE). It enables the adversary with …
memory encryption of trusted execution environments (TEE). It enables the adversary with …
A bounded symbolic-size model for symbolic execution
Symbolic execution is a powerful program analysis technique which allows executing
programs with symbolic inputs. Modern symbolic execution tools use a concrete modeling of …
programs with symbolic inputs. Modern symbolic execution tools use a concrete modeling of …
HASTE: Software security analysis for timing attacks on clear hardware assumption
P Chakraborty, J Cruz, C Posada… - IEEE embedded …, 2021 - ieeexplore.ieee.org
Information leakage via timing side-channel analysis can compromise embedded systems
used in diverse applications that are otherwise secure. Most state-of-the-art timing side …
used in diverse applications that are otherwise secure. Most state-of-the-art timing side …
Aim, Wait, Shoot: How the CacheSniper Technique Improves Unprivileged Cache Attacks
S Briongos, I Bruhns, P Malagón… - 2021 IEEE European …, 2021 - ieeexplore.ieee.org
Microarchitectural side channel attacks have been very prominent in security research over
the last few years. Caches proved to be an outstanding side channel, as they provide high …
the last few years. Caches proved to be an outstanding side channel, as they provide high …
SPIDER: Speeding up Side-Channel Vulnerability Detection via Test Suite Reduction
Side-channel attacks allow adversaries to infer sensitive information, such as cryptographic
keys or private user data, by monitoring unintentional information leaks of running programs …
keys or private user data, by monitoring unintentional information leaks of running programs …
Exposing cache timing side-channel leaks through out-of-order symbolic execution
As one of the fundamental optimizations in modern processors, the out-of-order execution
boosts the pipeline throughput by executing independent instructions in parallel rather than …
boosts the pipeline throughput by executing independent instructions in parallel rather than …
SpecSafe: detecting cache side channels in a speculative world
The high-profile Spectre attack and its variants have revealed that speculative execution
may leave secret-dependent footprints in the cache, allowing an attacker to learn …
may leave secret-dependent footprints in the cache, allowing an attacker to learn …
RECAST: Mitigating Conflict-Based Cache Attacks Through Fine-Grained Dynamic Mapping
X Zhang, H Gong, R Chang… - IEEE Transactions on …, 2024 - ieeexplore.ieee.org
Conflict-based cache attacks can leak critical information from target programs. Accordingly,
randomization-based cache designs have emerged as an efficient and LLC-favorable way …
randomization-based cache designs have emerged as an efficient and LLC-favorable way …