Microarchitectural Attacks and Countermeasures

References

  1. O. Acıçmez and J.-P. Seifert. Cheap hardware parallelism implies cheap security. 4th Workshop on Fault Diagnosis and Tolerance in Cryptography — FDTC 2007, pp. 80–91, IEEE Computer Society, 2007.
  2. O. Acıçmez. Yet another microarchitectural attack: Exploiting I-cache. Proceedings of the 2007 ACM Workshop on Computer Security Architecture, pp. 11–18, ACM Press, 2007. Also available at: Cryptology ePrint Archive, Report 2007/164, May 2007.
  3. O. Acıçmez, Ç. K. Koç, and J.-P. Seifert. On the power of simple branch prediction analysis. 2007 ACM Symposium on Information, Computer and Communications Security (ASIACCS’07), R. Deng and P. Samarati, editors, pp. 312–320, ACM Press, 2007. Also available at: Cryptology ePrint Archive, Report 2006/351, October 2006.
  4. O. Acıçmez, Ç. K. Koç, and J.-P. Seifert. Predicting secret keys via branch prediction. Topics in Cryptology — CT-RSA 2007, The Cryptographers’ Track at the RSA Conference 2007, M. Abe, editor, pp. 225–242, Springer-Verlag, LNCS 4377, 2007. Also available at: Cryptology ePrint Archive, Report 2006/288, August 2006.
  5. O. Acıçmez and Ç. K. Koç. Trace-driven cache attacks on AES (short paper). 8th International Conference on Information and Communications Security — ICICS’06, P. Ning, S. Qing, and N. Li, editors, pp. 112–121, Springer-Verlag, LNCS 4307, 2006. Full version available at: Cryptology ePrint Archive, Report 2006/138, April 2006.
  6. O. Acıçmez, W. Schindler, and Ç. K. Koç. Cache based remote timing attack on the AES. Topics in Cryptology — CT-RSA 2007, The Cryptographers’ Track at the RSA Conference 2007, M. Abe, editor, pp. 271–286, Springer-Verlag, LNCS 4377, 2007.
  7. O. Acıçmez, S. Gueron, and J.-P. Seifert. New branch prediction vulnerabilities in OpenSSL and necessary software countermeasures. 11th IMA International Conference on Cryptography and Coding, S. D. Galbraith, editor, pp. 185–203, Springer-Verlag, LNCS 4887, 2007. Also available at: Cryptology ePrint Archive, Report 2007/039, February 2007.
  8. G. Agosta, L. Breveglieri, I. Koren, G. Pelosi, and M. Sykora. Countermeasures Against Branch Target Buffer Attacks. 4th Workshop on Fault Diagnosis and Tolerance in Cryptography — FDTC 2007, pp. 75–79, IEEE Computer Society, 2007.
  9. D. E. Bell and L. La Padula. Secure computer systems: Mathematical foundations and model. Technical Report M74-244, MITRE Corporation, 1973.
  10. D. J. Bernstein. Cache-timing attacks on AES. Technical Report, 37 pages, April 2005. Available at http://cr.yp.to/antiforgery/cachetiming-20050414.pdf.
  11. G. Bertoni, V. Zaccaria, L. Breveglieri, M. Monchiero, and G. Palermo. AES power attack based on induced cache miss and countermeasure. International Symposium on Information Technology: Coding and Computing - ITCC 2005, vol. 1, pp. 4–6, 2005.
  12. J. Bonneau and I. Mironov. Cache-Collision Timing Attacks against AES. Cryptographic Hardware and Embedded Systems — CHES 2006, L. Goubin and M. Matsui, editors, pp. 201–215, Springer-Verlag, LNCS 4249, 2006.
  13. E. Brickell, G. Graunke, M. Neve, and J.-P. Seifert. Software mitigations to hedge AES against cache-based software side channel vulnerabilities. Cryptology ePrint Archive, Report 2006/052, February 2006.
  14. E. Brickell, G. Graunke, and J.-P. Seifert. Mitigating Software Side Channels in AES and RSA Software. Developers Track, RSA Conference 2006, San Jose, 2006.
  15. Department of Defense. Trusted Computer System Evaluation Criteria (Orange Book). DoD 5200.28-STD, 1985.
  16. R. C. Detmer. Introduction to 80X86 Assembly Language and Computer Architecture. Jones & Bartlett Publishers, 2001.
  17. P. Genua. A Cache Primer. Technical Report, Freescale Semiconductor Inc., 16 pages, 2004. Available at http://www.freescale.com/files/32bit/doc/app_note/AN2663.pdf.
  18. J. Handy. The Cache Memory Book. 2nd edition, Morgan Kaufmann, 1998.
  19. NIST. History of Computer Security Project: Early Papers. National Institute of Standards and Technology, Computer Security Division, Computer Security Resource Center. Available at http://csrc.nist.gov/publications/history/index.html.
  20. W. M. Hu. Lattice scheduling and covert channels. Proceedings of the IEEE Symposium on Security and Privacy, pp. 52–61, IEEE Computer Society, 1992.
  21. M. Joye and M. Tunstall. Securing OpenSSL Against Microarchitectural Attacks. International Conference on Security and Cryptography — SeCrypt’07, J. Hernando, E. Fernández-Medina, and M. Malek, editors, pp. 189–196, INSTICC Press, 2007.
  22. J. Kelsey, B. Schneier, D. Wagner, and C. Hall. Side Channel Cryptanalysis of Product Ciphers. Journal of Computer Security, vol. 8, pp. 141–158, 2000.
  23. P. C. Kocher. Timing Attacks on Implementations of Diffie–Hellman, RSA, DSS, and Other Systems. Advances in Cryptology – CRYPTO ’96, N. Koblitz, editor, pp. 104–113, Springer-Verlag, LNCS 1109, 1996.
  24. C. Lauradoux. Collision attacks on processors with cache and countermeasures. Western European Workshop on Research in Cryptology — WEWoRC 2005, C. Wolf, S. Lucks, and P.-W. Yau, editors, pp. 76–85, 2005.
  25. A. J. Menezes, P. van Oorschot, and S. Vanstone. Handbook of Applied Cryptography. CRC Press, New York, 1997.
  26. M. Neve and J.-P. Seifert. Advances on Access-driven Cache Attacks on AES. 13th International Workshop on Selected Areas in Cryptography — SAC’06, E. Biham and A. M. Youssef, editors, pp. 147–162, Springer, LNCS 4356, 2007.
  27. M. Neve, J.-P. Seifert, and Z. Wang. A refined look at Bernstein’s AES side-channel analysis. Proceedings of the ACM Symposium on Information, Computer and Communications Security — ASIACCS’06, p. 369, ACM Press, 2006.
  28. D. A. Osvik, A. Shamir, and E. Tromer. Other People’s Cache: Hyper Attacks on HyperThreaded Processors. Presentation, available at http://www.wisdom.weizmann.ac.il/~tromer/.
  29. D. A. Osvik, A. Shamir, and E. Tromer. Cache Attacks and Countermeasures: The Case of AES. Topics in Cryptology — CT-RSA 2006, The Cryptographers’ Track at the RSA Conference 2006, D. Pointcheval, editor, pp. 1–20, Springer-Verlag, LNCS 3860, 2006.
  30. R. van der Pas. Memory Hierarchy in Cache-Based Systems. Technical Report, Sun Microsystems Inc., p. 28, 2002. Available at http://www.sun.com/blueprints/1102/817-0742.pdf.
  31. D. Page. Theoretical Use of Cache Memory as a Cryptanalytic Side-Channel. Technical Report CSTR-02-003, Department of Computer Science, University of Bristol, June 2002.
  32. D. Page. Defending Against Cache Based Side-Channel Attacks. Technical Report, Department of Computer Science, University of Bristol, 2003.
  33. D. Page. Partitioned Cache Architecture as a Side Channel Defence Mechanism. Cryptology ePrint Archive, Report 2005/280, August 2005.
  34. D. Patterson and J. Hennessy. Computer Architecture: A Quantitative Approach. 4th edition, Morgan Kaufmann, 2006.
  35. C. Percival. Cache missing for fun and profit. BSDCan 2005, Ottawa, 2005. Available at http://www.daemonology.net/hyperthreading-considered-harmful/.
  36. W. Schindler. A Combined Timing and Power Attack. PKC 2002, D. Naccache and P. Paillier, editors, pp. 263–279, LNCS 2274, 2002.
  37. W. Schindler and C. D. Walter. More Detail for a Combined Timing and Power Attack against Implementations of RSA. 9th IMA International Conference on Cryptography and Coding, K. G. Paterson, editor, pp. 245–263, Springer-Verlag, LNCS 2898, 2003.
  38. T. Shanley. The Unabridged Pentium 4: IA32 Processor Genealogy. Addison-Wesley Professional, 2004.
  39. J. Shen and M. Lipasti. Modern Processor Design: Fundamentals of Superscalar Processors. McGraw-Hill, 2005.
  40. O. Sibert, P. A. Porras, and R. Lindell. The Intel 80x86 Processor Architecture: Pitfalls for Secure Systems. IEEE Symposium on Security and Privacy, pp. 211–223, 1995.
  41. K. Tiri, O. Acıçmez, M. Neve, and F. Andersen. An Analytical Model for Time-Driven Cache Attacks. 14th International Workshop on Fast Software Encryption — FSE 2007, A. Biryukov, editor, pp. 399–413, Springer, LNCS 4593, 2007.
  42. Trusted Computing Group. http://www.trustedcomputinggroup.org.
  43. Y. Tsunoo, T. Saito, T. Suzaki, M. Shigeri, and H. Miyauchi. Cryptanalysis of DES Implemented on Computers with Cache. Cryptographic Hardware and Embedded Systems — CHES 2003, C. D. Walter, Ç. K. Koç, and C. Paar, editors, pp. 62–76, Springer-Verlag, LNCS 2779, 2003.
  44. Y. Tsunoo, E. Tsujihara, K. Minematsu, and H. Miyauchi. Cryptanalysis of Block Ciphers Implemented on Computers with Cache. ISITA 2002, 2002.
  45. Y. Tsunoo, E. Tsujihara, M. Shigeri, H. Kubo, and K. Minematsu. Improving cache attacks by considering cipher structure. International Journal of Information Security, vol. 5(3), pp. 166–176, Springer-Verlag, 2006.
  46. C. D. Walter and S. Thompson. Distinguishing Exponent Digits by Observing Modular Subtractions. Topics in Cryptology — CT-RSA 2001, The Cryptographers’ Track at the RSA Conference 2001, D. Naccache, editor, pp. 192–207, LNCS 2020, 2001.
  47. Z. Wang and R. B. Lee. New Cache Designs for Thwarting Software Cache-based Side Channel Attacks. 34th International Symposium on Computer Architecture — ISCA’07, pp. 494–505, ACM Press, 2007.
  48. W. Ware. Security Controls for Computer Systems. Report of the Defense Science Board Task Force on Computer Security, Rand Report R609-1, The RAND Corporation, 1970.
  49. Intel. Intel 64 and IA-32 Architectures Software Developer’s Manual, Volume 3B: System Programming Guide.
  50. A. Seznec. Branch Prediction under Scrutiny for Possible Security Flaw. Available online at http://www.irisa.fr/activity/new/007/branchpredictionattack004.

Copyright information

© Springer Science+Business Media, LLC 2009

Authors and Affiliations

  1. Samsung Information Systems America
  2. City University of Istanbul and University of California Santa Barbara
