Cache-Timing Attacks Still Threaten IoT Devices

Abstract: Deployed widely and embedding sensitive data, IoT devices depend on the reliability of cryptographic libraries to protect user information. However when implemented on real systems, cryptographic algorithms are vulnerable to side channel attacks based on their execution behavior, which can be revealed by measurements of physical quantities such as timing or power consumption. Some countermeasures can be implemented in order to prevent those attacks. However those countermeasures are generally designed at high … Show more

“…In addition to studying and validating attacks on the virtual platform, it is important for the tool to be able to uncover new attacks, from static or symbolic source code analysis or from dynamic trace analysis, while also being able to detect abnormal behavior on a real SoC which could hide undocumented security features [17]. It is worth mentioning that the virtual platform can be used in combination with existing security evaluation tools: for example, a vulnerability identification step can be performed by static and symbolic analysis of source code [9], [42], which are functionalities embedded in the Catalyzr™ tool developed by Secure-IC. The found vulnerabilities may then be analyzed in depth with the virtual platform.…”

“…c) Defenses: Several past work have tried to provide a framework to evaluate attacks on real hardware. Some approaches use dynamic analysis [47], static analysis [9], [13], [42], or a combination of static and dynamic analysis [46], while other approaches directly measure cache hits and misses [21], [48] to find paths of exploitation for vulnerable implementations.…”

Virtual Platform to Analyze the Security of a System on Chip at Microarchitectural Level

“…In addition to studying and validating attacks on the virtual platform, it is important for the tool to be able to uncover new attacks, from static or symbolic source code analysis or from dynamic trace analysis, while also being able to detect abnormal behavior on a real SoC which could hide undocumented security features [17]. It is worth mentioning that the virtual platform can be used in combination with existing security evaluation tools: for example, a vulnerability identification step can be performed by static and symbolic analysis of source code [9], [42], which are functionalities embedded in the Catalyzr™ tool developed by Secure-IC. The found vulnerabilities may then be analyzed in depth with the virtual platform.…”

“…c) Defenses: Several past work have tried to provide a framework to evaluate attacks on real hardware. Some approaches use dynamic analysis [47], static analysis [9], [13], [42], or a combination of static and dynamic analysis [46], while other approaches directly measure cache hits and misses [21], [48] to find paths of exploitation for vulnerable implementations.…”

Virtual Platform to Analyze the Security of a System on Chip at Microarchitectural Level

“…• Replay attack: The adversary manages to collect authentic information and re-transmits it illegitimately [27]: Later, the adversary deceives the receiver to perform unwanted actions. • Timing attack: The adversary tries to discover vulnerabilities in the security mechanisms by observing a node's response time to various queries, input, or cryptographic algorithms [28]. The adversary targets nodes with weak computing capabilities to implement timing attacks.…”

An investigation of cyber-attacks and security mechanisms for connected and autonomous vehicles

“…The attack targets nodes having weak computing capabilities [82]. The attacker discovers vulnerabilities and learns about the security mechanisms employed within a system by observing the system's response time to various queries, input, or cryptographic algorithms.…”

Non-functional requirements elicitation for edge computing