2007
DOI: 10.1145/1273440.1250723
|View full text |Cite
|
Sign up to set email alerts
|

New cache designs for thwarting software cache-based side channel attacks

Abstract: Software cache-based side channel attacks are a serious new class of threats for computers. Unlike physical side channel attacks that mostly target embedded cryptographic devices, cache-based side channel attacks can also undermine general purpose systems. The attacks are easy to perform, effective on most platforms, and do not require special instruments or excessive computation power. In recently demonstrated attacks on software implementations of ciphers like AES and RSA, the full key can be recovered by an… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1
1
1

Citation Types

4
289
0

Year Published

2009
2009
2020
2020

Publication Types

Select...
6
1
1

Relationship

0
8

Authors

Journals

citations
Cited by 243 publications
(295 citation statements)
references
References 8 publications
4
289
0
Order By: Relevance
“…We do not protect against side-channels and covert channels; many previous works have addressed these issues [57,58]. We also do not protect against Denial-of-Service attacks initiated by higher privilege levels against lower levels, as higher levels can always deny service by preventing lower levels from executing.…”
Section: Threat Model and Assumptionsmentioning
confidence: 99%
“…We do not protect against side-channels and covert channels; many previous works have addressed these issues [57,58]. We also do not protect against Denial-of-Service attacks initiated by higher privilege levels against lower levels, as higher levels can always deny service by preventing lower levels from executing.…”
Section: Threat Model and Assumptionsmentioning
confidence: 99%
“…-Testing to guide system design: The basic framework for information flow measurement via repeated deterministic replays presented in this paper could be used to test existing systems for inference and side channels [7][8][9][10]. -Information flow security systems: Researchers have begun to explore the possibility of building systems that enforce information flow security by comparing different outputs for different inputs [11].…”
Section: Applicationsmentioning
confidence: 99%
“…This inequality says that the entropy in the log file can only come from three sources: D, A, and N . The deterministic behavior that we did not need to log and replay from the log but did (I(L; D)) is chosen nondeterministically, meaning that before the transaction we do not know what determinism will be logged, so this term can be non-zero 10 . Any entropy from the confidential data A that was logged (I(L; A)) and then replayed will mask the entropy and can hide a covert channel from us.…”
Section: Theory Vs Practicementioning
confidence: 99%
See 1 more Smart Citation
“…Subsequent research verified the correctness of the findings [11,10,9,15], improved the attack technically [14,3,8] or algorithmically [5], and devised and analysed countermeasures [6,4,16].…”
Section: Introductionmentioning
confidence: 95%