Exploiting Hardware Performance Counters

Uhsadel, Leif; Georges, Andy; Verbauwhede, Ingrid

doi:10.1109/fdtc.2008.19

Cited by 65 publications

(40 citation statements)

References 11 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…If this information is somehow inferred as explained in [10] via "prime + probe" technique by timing or hardware performance counters (HPC) [11], one can obtain specific information on an index value (i.e., bytes of AES block) that is used to access the lookup tables. For instance, if a cache line, whose index y = 5 for T 0 , is known to be not accessed during one encryption, then we can safely say that upper nibble of corresponding bytes of AES block used to access the same table in any round cannot be equal to 5.…”

Section: A Observations Made Via Micro-architectural Side-channelsmentioning

confidence: 99%

Cache Attacks: An Information and Complexity Theoretic Approach

Savaş

Yılmaz

2012

2012 5th International Conference on New Technologies, Mobility and Security (NTMS)

View full text Add to dashboard Cite

In this paper, we present a formal analysis method of cache-based side-channel attacks by utilizing information and complexity theory. Although AES algorithm is chosen as the subject algorithm in the case study, the method is generic in the sense that it can be applied in many other algorithms that are subject to side-channel attacks. The adopted approach bases its analysis method on intermediate values used during the cryptographic computation observed via side-channels and explores the extent, to which the observations can be exploited in a successful attack. The method allows us to accurately estimate the feasibility of an attack strategy and compare efficiency of different attacks. Ultimate goal is to explore every attack possibility and estimate its corresponding feasibility to determine the optimal level of appropriate countermeasures. Using the method, we analyze four different cache-based attacks on AES and determine the complexity, feasibility, and strength of each attack. Our analysis demonstrates that second round-only attack on AES is feasible when the first and the last rounds are already protected.

show abstract

Section: A Observations Made Via Micro-architectural Side-channelsmentioning

confidence: 99%

Cache Attacks: An Information and Complexity Theoretic Approach

Savaş

Yılmaz

2012

2012 5th International Conference on New Technologies, Mobility and Security (NTMS)

View full text Add to dashboard Cite

show abstract

“…As CPUs modernas apresentam uma característica chamada de performance counters [Uhsadel et al 2008], que são registradores incrementados conforme o comportamento da CPU; istoé, são capazes de mostrar estatísticas da CPU durante um determinado espaço de tempo. Tais estatísticas são tão complexas de serem mensuradas via aplicação queé necessário que o hardware possua um circuito próprio para esse fim.…”

Section: Comportamento Do Hardwareunclassified

sendmmsg: An Efficient System Call to Send Multiple Messages on Linux

Leitao

Garcia

2011

2011 Brazilian Symposium on Computing System Engineering

View full text Add to dashboard Cite

This article describes the limitations of sendmsg, the current system call responsible for sending network messages in Linux. It is shown that this system call performance is not good enough, mainly when it needs to send a batch of similar data to many destinations in the network, as commonly experienced in IPTV servers. In order to prove that, a new system call has been implemented, sendmmsg, which acts similarly to the original one, but presenting some performance advantages, specially when sending similar data to peers. This new call needs only an extra parameter, when compared to the original one.Resumo-Este artigo descreve as limitações da chamada de sistema sendmsg responsável por enviar mensagens de rede no sistema operacional Linux.É mostrado que tal chamada não possui um bom desempenho quando se necessita enviar vários pacotes em lote, contendo dados similares, para vários destinatários remotos -caso comum em servidores de IPTV. Para tanto,é implementada uma nova função, sendmmsg, parecida com a original, porém, mais eficiente, apenas com o acréscimo de um parâmetro. I. INTRODUÇÃOCom a popularização dos serviços sobre Internet Protocol (IP) e a recente onda de TV sobre Internet (IPTV), muitos estudos estão surgindo com foco naárea de protocolos e codificação de vídeo. Em paralelo a esses estudos, este artigo vai além, com a finalidade de focar os métodos de implementação do subsistema de comunicação especialmente no sistema operacional Linux.Sabe-se que a tecnologia IPTVé fortemente baseada Realtime Transport Protocol (RTP), que, por sua vez,é baseado no User Datagram Protocol (UDP) [Silverston et al. 2009]. Essa pilha de protocolos tem como "porta de saída" a chamada de sistema denominada sendmsg, queé vastamente utiliza no Linux por software de transmissão de conteúdo [Mukherjee and Brecht 2000]. Tal chamadaé executada todas as vezes que um pacote precisa ser enviado para um destino, mesmo quando vários pacotes possuem os mesmos dados, istoé, dado um lote de pacotes idênticos, estes precisam ser enviados um a um para todos os destinatários [Lahav et al. 2008]. Tal problema não acontece em pequenas redes, uma vez que existe a tecnologia de multicast, que permite a transmissão de um pacote para um grupo de destinatários. Embora a tecnologia de multicast seja madura e facilmente configurável, ela nãoé amplamente utilizada nos servidores e roteadores da Internet comercial[Levine and Garcia-Luna-Aceves 1997], implicando que os sistemas de software de transmissão de conteúdo, principalmente os de IPTV, ainda se baseiem na tecnologia unicast. Essa implicação reflete diretamente ná area de sistemas operacionais, uma vez que a chamada de sistema implementada para enviar mensagens unicast passa a ser utilizada para enviar múltiplas mensagens unicast, aqui chamadas de multiunicast.Assumindo que o multiunicasté um padrão de facto no envio de vídeo, torna-se fácil calcular a dimensão da quantidade de vezes em que a chamada sendmsgé executada para a transmissão de um vídeo de alta resolução. Supondo que cada quadro ...

show abstract

“…HPCs have known an increasing popularity in the last few years, bringing important contributions not only to their original application domain but also in various other fields such as program integrity checking [1] or cryptanalysis [2], where HPCs are exploited as side-channels for CPU dependant information leaks. Nonetheless HPCs are noisy by their very nature presenting a certain level of nondeterminism in the counter values, which represents a major issue in the process of accurately evaluating software products, but at the same time shows a high potential for random number generation.…”

Section: Introductionmentioning

confidence: 99%

Unpredictable Random Number Generator Based on the Performance Data Helper Interface

Marton

Tóth

Suciu

2012

2012 14th International Symposium on Symbolic and Numeric Algorithms for Scientific Computing

View full text Add to dashboard Cite

Performance evaluation and monitoring is essential for guiding performance improvement efforts and tuning software products -such as operating systems or applications -based on the analysis of hardware events and hardware performance counters (HPC). Nevertheless, hardware performance counters are noisy by their very nature. The causes of variations in the counter values are so complex that are nearly impossible to determine. Hence, while being a major issue in the process of accurately evaluating software products, the unpredictability exhibited by HPCs offers a high potential for random number generation. In the present paper we propose an unpredictable random number generator based on the variations in the HPC values provided by the Performance Data Helper (PDH) interface on Windows operating systems and analyze the randomness quality and throughput of the generator in order to determine its suitability for integration in cryptographic applications. Experimental results show a high statistical quality of the generated sequences for the best performing counters -measured using the NIST statistical test suite, and a throughput level at approximately 10-80 kB/s.

show abstract

Exploiting Hardware Performance Counters

Cited by 65 publications

References 11 publications

Cache Attacks: An Information and Complexity Theoretic Approach

Cache Attacks: An Information and Complexity Theoretic Approach

sendmmsg: An Efficient System Call to Send Multiple Messages on Linux

Unpredictable Random Number Generator Based on the Performance Data Helper Interface

Contact Info

Product

Resources

About