2015
DOI: 10.1515/popets-2015-0003
|View full text |Cite
|
Sign up to set email alerts
|

Know Thy Neighbor: Crypto Library Detection in Cloud

Abstract: Software updates and security patches have become a standard method to fix known and recently discovered security vulnerabilities in deployed software. In server applications, outdated cryptographic libraries allow adversaries to exploit weaknesses and launch attacks with significant security results. The proposed technique exploits leakages at the hardware level to first, determine if a specific cryptographic library is running inside (or not) a co-located virtual machine (VM) and second to discover the IP of… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1
1
1

Citation Types

0
16
0

Year Published

2015
2015
2021
2021

Publication Types

Select...
5
3
1

Relationship

0
9

Authors

Journals

citations
Cited by 31 publications
(16 citation statements)
references
References 27 publications
0
16
0
Order By: Relevance
“…In contrast to Prime+Probe, Flush+Reload exploits the availability of shared memory and especially shared libraries between the attacker and the victim program. Applications of Flush+Reload have been shown to be reliable and powerful, mainly to attack cryptographic algorithms [12,17,18,48].…”
Section: Cache Attacks and Rowhammermentioning
confidence: 99%
“…In contrast to Prime+Probe, Flush+Reload exploits the availability of shared memory and especially shared libraries between the attacker and the victim program. Applications of Flush+Reload have been shown to be reliable and powerful, mainly to attack cryptographic algorithms [12,17,18,48].…”
Section: Cache Attacks and Rowhammermentioning
confidence: 99%
“…Gruss et al [9] have shown that a variant of Flush+Reload without the clflush instruction is possible without a significant loss in accuracy. Applications of Flush+Reload have been shown to be reliable and powerful, mainly to attack cryptographic algorithms [12,13,14,15]. Flush+Reload is also being used to compromise user privacy.…”
Section: Figure 1 Phases Of Flush+reload Techniquementioning
confidence: 99%
“…The attack was first introduced in [33], and was later extended to target the LLC to retrieve cryptographic keys, TLS protocol session messages or keyboard keystrokes across VMs [2,34,35]. It has also demonstrated its power against AES T-table based implementations [36], RSA implementations [2], or ECDSA [37] among others, and also detecting cryptographic libraries [38]. Further, Zhang et al [39] showed that it is applicable in several commercial PaaS clouds, where it is possible to achieve co-residency with a victim [13].…”
Section: Flush+reloadmentioning
confidence: 99%