A survey of microarchitectural timing attacks and countermeasures on contemporary hardware

Q Ge, Y Yarom, D Cock, G Heiser - Journal of Cryptographic Engineering, 2018 - Springer
Microarchitectural timing channels expose hidden hardware states through timing. We survey
recent attacks that exploit microarchitectural features in shared hardware, especially as they …

ASLR on the Line: Practical Cache Attacks on the MMU.

B Gras, K Razavi, E Bosman, H Bos, C Giuffrida - NDSS, 2017 - hydra.azilian.net
Address space layout randomization (ASLR) is an important first line of defense against
memory corruption attacks and a building block for many modern countermeasures. Existing …

Verifying Constant-Time Implementations

JB Almeida, M Barbosa, G Barthe… - 25th USENIX Security …, 2016 - usenix.org
The constant-time programming discipline is an effective countermeasure against timing
attacks, which can lead to complete breaks of otherwise secure systems. However, adhering …

SoK: The challenges, pitfalls, and perils of using hardware performance counters for security

S Das, J Werner, M Antonakakis… - … IEEE Symposium on …, 2019 - ieeexplore.ieee.org
Hardware Performance Counters (HPCs) have been available in processors for more than a
decade. These counters can be used to monitor and measure events that occur at the CPU …

A software approach to defeating side channels in last-level caches

Z Zhou, MK Reiter, Y Zhang - Proceedings of the 2016 ACM SIGSAC …, 2016 - dl.acm.org
We present a software approach to mitigate access-driven side-channel attacks that
leverage last-level caches (LLCs) shared across cores to leak information between security …

Winter is here! A decade of cache-based side-channel attacks, detection & mitigation for RSA

M Mushtaq, MA Mukhtar, V Lapotre, MK Bhatti… - Information Systems, 2020 - Elsevier
Timing-based side-channels play an important role in exposing the state of a process
execution on underlying hardware by revealing information about timing and access …

System-level non-interference for constant-time cryptography

G Barthe, G Betarte, J Campo, C Luna… - Proceedings of the 2014 …, 2014 - dl.acm.org
Cache-based attacks are a class of side-channel attacks that are particularly effective in
virtualized or cloud-based environments, where they have been used to recover secret keys …

FaCT: a DSL for timing-sensitive computation

S Cauligi, G Soeller, B Johannesmeyer… - Proceedings of the 40th …, 2019 - dl.acm.org
Real-world cryptographic code is often written in a subset of C intended to execute in
constant-time, thereby avoiding timing side channel vulnerabilities. This C subset eschews …

Hails: Protecting data privacy in untrusted web applications

DB Giffin, A Levy, D Stefan, D Terei… - … USENIX Symposium on …, 2012 - usenix.org
Modern extensible web platforms like Facebook and Yammer depend on third-party
software to offer a rich experience to their users. Unfortunately, users running a third-party …

Clock around the clock: Time-based device fingerprinting

I Sanchez-Rola, I Santos, D Balzarotti - Proceedings of the 2018 ACM …, 2018 - dl.acm.org
Physical device fingerprinting exploits hardware features to uniquely identify a machine.
This technique has been used for authentication, license binding, or attackers identification …