PMFault: Faulting and Bricking Server CPUs through Management Interfaces

Chen, Zitai; Oswald, David

doi:10.46586/tches.v2023.i2.1-23

Search citation statements

Order By: Relevance

Paper Sections

Select...

Citation Types

Supporting

Mentioning

Contrasting

Year Published

2024

Publication Types

Select...

Other1

Article1

Relationship

Self Cite0

Independent2

Authors

Journals

Cited by 2 publications

References 5 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

Detection and Exploitation of Intelligent Platform Management Interface (IPMI) ^*

Rosemond Dora,

Hluchy,

Nemoga

2024

2024 IEEE 22nd World Symposium on Applied Machine Intelligence and Informatics (SAMI)

View full text Add to dashboard Cite

Detection and Exploitation of Intelligent Platform Management Interface (IPMI) ^*

Rosemond Dora,

Hluchy,

Nemoga

2024

2024 IEEE 22nd World Symposium on Applied Machine Intelligence and Informatics (SAMI)

View full text Add to dashboard Cite

Single Trace Analysis of Visible vs. Invisible Leakage for Comparison-Operation-Based CDT Sampling

Choi,

Han,

Han

2024

Electronics

View full text Add to dashboard Cite

The emergence of quantum computers poses a significant threat to the security of conventional public-key cryptosystems, driving the demand for quantum-resistant cryptographic solutions. In response, the National Institute of Standards and Technology (NIST) conducted a multi-year competition, ultimately selecting four ciphers. Among these, Falcon employs cumulative distribution table (CDT) sampling, which produces arrays of random values derived from a discrete Gaussian distribution during the signature generation phase. This array is then used with secret key information, forming the core of Falcon. Enhanced variants of Falcon, such as Mitaka, SOLMAE, and Antrag, implemented CDT sampling using comparison operations. Previous research by Choi et al. proposed a single trace analysis and countermeasure for CDT sampling, which exploited a non-constant-time vulnerability in 8-bit AVR microcontrollers. However, this vulnerability is specific to certain environments, and a potential vulnerability in comparison-operation-based constant-time CDT sampling remains unstudied. This paper is an extension of that study. This paper investigates the constant-time operation of comparison-operation-based CDT sampling on Arm Cortex-M4-based chips and proposes a deep learning-based side-channel analysis to recover the sampling values using a novel vulnerability. The proposed model achieves an F1 score of 1.0 and a recovery success rate of 99.97%.

show abstract

PMFault: Faulting and Bricking Server CPUs through Management Interfaces

Cited by 2 publications

References 5 publications

Detection and Exploitation of Intelligent Platform Management Interface (IPMI) ^*

Detection and Exploitation of Intelligent Platform Management Interface (IPMI) ^*

Single Trace Analysis of Visible vs. Invisible Leakage for Comparison-Operation-Based CDT Sampling

Contact Info

Product

Resources

About

PMFault: Faulting and Bricking Server CPUs through Management Interfaces

Cited by 2 publications

References 5 publications

Detection and Exploitation of Intelligent Platform Management Interface (IPMI) *

Detection and Exploitation of Intelligent Platform Management Interface (IPMI) *

Single Trace Analysis of Visible vs. Invisible Leakage for Comparison-Operation-Based CDT Sampling

Contact Info

Product

Resources

About

Detection and Exploitation of Intelligent Platform Management Interface (IPMI) ^*

Detection and Exploitation of Intelligent Platform Management Interface (IPMI) ^*