{"title":"An Approach for Isolating the Sources of Information Leakage Exploited in Cache-Based Side-Channel Attacks",
 "authors":"A. C. Atici, Cemal Yilmaz, E. Savaş",
 "doi":"10.1109/SERE-C.2013.15",
 "journal":{"name":"2013 IEEE Seventh International Conference on Software Security and Reliability Companion","volume":"172 1","pages":"0"},
 "publicationDate":"2013-06-01",
 "publicationTypes":"Journal Article",
 "isOpenAccess":false,
 "citationCount":"18",
 "platform":"Semanticscholar",
 "ListUrlMain":"https://doi.org/10.1109/SERE-C.2013.15"}
An Approach for Isolating the Sources of Information Leakage Exploited in Cache-Based Side-Channel Attacks
We demonstrate that a certain class of side-channel attacks is feasible due to unintentional cache contentions between code segments in cryptographic applications. These inadvertent contentions should be considered a flaw in the implementation of cryptographic applications, which necessitates a software analysis framework to identify their primary cause and check the effectiveness of proposed countermeasures. We present an approach to detect code segments in cryptographic applications that are in cache contention with each other, thus leaking information that can be exploited in side-channel attacks to extract secret keys. To evaluate this approach, we conducted a series of experiments using Bernstein's well-known attack. Our results demonstrate, for the first time, that the primary source of exploitable information leakage in Bernstein's AES server, the leakage that makes the attack succeed, is the unintentional cache contention between the parts of the OS kernel that handle network communications and the AES encryption code.