Presentation is loading. Please wait.

Presentation is loading. Please wait.

Information Security – Theory vs

Published byRudolph Barnett Modified over 6 years ago

Similar presentations

Presentation on theme: "Information Security – Theory vs"— Presentation transcript:

1 Information Security – Theory vs
Information Security – Theory vs. Reality , Winter Lecture 2: Architectural side-channels (2/2) Lecturer: Eran Tromer

2 Course agenda

3 Architectural side-channel attacks (cont.)

4 L3 Flush+Reload attack [Yarom Falkner 2014]
Target outermost cache, shared between all CPU cores (typically L3) RSA key extraction from GnuPG Target specific memory block (instead of cache set) Exploits memory deduplication (content-based page sharing) Common code, libraries, data across VMs Supposedly safe (nominally, no new information flow)

5 L3 flush+reload attack (cont.)

6 L3 flush+reload attack on GnuPG’s RSA
[Yarom Falkner 2014]

7 Other attacks on RSA Cache attack using HyperThreading [Percival 05]
Attacker’s MUL time Cache attack using HyperThreading [Percival 05] ALU multiplier attack [Aciicmez Seifert 2007] cache set time time MUL SQR Victim’s operation On whiteboard: m-ary exponentiation

8 Other architectural attacks (Whiteboard discussion)
Covert channels [Hu ’91, ‘92] Hardware-assisted – Power trace [Page ’02] Timing attacks via internal collisions [Tsunoo Tsujihara Minematsu Miyuachi ’02] [Tsunoo Saito Suzaki Shigeri Miyauchi ’03] Model-less timing attacks [Bernstein ’04] RSA [Percival ’05] Exploiting the scheduler [Neve Seifrert ’07] Improve temporal resolution by causing victim to get tiny time slice Instruction cache Aciicmez ’07] Exploits difference between code paths Attacks are analogous to data cache attack Branch prediction [Aciicmez Schindler Koc ’06–’07] Exploits difference in choice of code path BP state is a shared resource ALU resources [Aciicmez Seifert ’07] Exploits contention for the multiplication units Many followups

9 (classroom discussion)
Mitigation (classroom discussion)

Download ppt "Information Security – Theory vs"

Similar presentations

Cross-VM Side Channels and Their Use to Extract Private Keys

Cross-VM Side Channels and Their Use to Extract Private Keys
Computer Architecture Instruction-Level Parallel Processors

Computer Architecture Instruction-Level Parallel Processors
Lecture 4: Cloud Computing Security: a first look Xiaowei Yang (Duke University)

Lecture 4: Cloud Computing Security: a first look Xiaowei Yang (Duke University)
1 Information Security – Theory vs. Reality 0368-4474-01, Winter 2011 Lecture 2: Crypto review, fault attacks Eran Tromer (This lecture was given mostly.

1 Information Security – Theory vs. Reality , Winter 2011 Lecture 2: Crypto review, fault attacks Eran Tromer (This lecture was given mostly.
Microprocessors. Von Neumann architecture Data and instructions in single read/write memory Contents of memory addressable by location, independent of.

Microprocessors. Von Neumann architecture Data and instructions in single read/write memory Contents of memory addressable by location, independent of.
1 Lecture 20 – Caching and Virtual Memory  2004 Morgan Kaufmann Publishers Lecture 20 Caches and Virtual Memory.

1 Lecture 20 – Caching and Virtual Memory  2004 Morgan Kaufmann Publishers Lecture 20 Caches and Virtual Memory.
1 Information Security – Theory vs. Reality 0368-4474-01, Winter 2011 Lecture 1: Introduction Eran Tromer.

1 Information Security – Theory vs. Reality , Winter 2011 Lecture 1: Introduction Eran Tromer.
Full AES key extraction in 65 milliseconds using cache attacks

Full AES key extraction in 65 milliseconds using cache attacks
CSCE101 – 4.2, 4.3 October 17, 2006. Power Supply Surge Protector –protects from power spikes which ruin hardware. Voltage Regulator – protects from insufficient.

CSCE101 – 4.2, 4.3 October 17, Power Supply Surge Protector –protects from power spikes which ruin hardware. Voltage Regulator – protects from insufficient.
Cryptanalysis through Cache Address Leakage Eran Tromer Adi Shamir Dag Arne Osvik.

Cryptanalysis through Cache Address Leakage Eran Tromer Adi Shamir Dag Arne Osvik.
RISC. Rational Behind RISC Few of the complex instructions were used –data movement – 45% –ALU ops – 25% –branching – 30% Cheaper memory VLSI technology.

RISC. Rational Behind RISC Few of the complex instructions were used –data movement – 45% –ALU ops – 25% –branching – 30% Cheaper memory VLSI technology.
Hey, You, Get Off of My Cloud: Exploring Information Leakage in Third-Party Compute Clouds Written by Thomas Ristenpart Eran Tromer Hovav Shacham Stehan.

Hey, You, Get Off of My Cloud: Exploring Information Leakage in Third-Party Compute Clouds Written by Thomas Ristenpart Eran Tromer Hovav Shacham Stehan.
1 Introduction to Information Security 0368-3065, Spring 2013 Lecture 9: Trusted computing architecture (cont.) Side-channel attacks Eran Tromer Slides.

1 Introduction to Information Security , Spring 2013 Lecture 9: Trusted computing architecture (cont.) Side-channel attacks Eran Tromer Slides.
Guanhai Wang, Minglu Li and Chuliang Weng Shanghai Jiao Tong University, China. SVM09, Wuhan, China.

Guanhai Wang, Minglu Li and Chuliang Weng Shanghai Jiao Tong University, China. SVM09, Wuhan, China.
1 Information Security – Theory vs. Reality 0368-4474, Winter 2013-2014 Lecture 1: Introduction Eran Tromer with guest appearance by Daniel Genkin.

1 Information Security – Theory vs. Reality , Winter Lecture 1: Introduction Eran Tromer with guest appearance by Daniel Genkin.
Lecture #30 Page 1 ECE 4110– Sequential Logic Design Lecture #30 Agenda 1.von Neumann Stored Program Computer Architecture Announcements 1.N/A.

Lecture #30 Page 1 ECE 4110– Sequential Logic Design Lecture #30 Agenda 1.von Neumann Stored Program Computer Architecture Announcements 1.N/A.
Performance of mathematical software Agner Fog Technical University of Denmark www.agner.org.

Performance of mathematical software Agner Fog Technical University of Denmark
Super computers Parallel Processing By Lecturer: Aisha Dawood.

Super computers Parallel Processing By Lecturer: Aisha Dawood.
A paper by: Paul Kocher, Joshua Jaffe, and Benjamin Jun Presentation by: Michelle Dickson.

A paper by: Paul Kocher, Joshua Jaffe, and Benjamin Jun Presentation by: Michelle Dickson.
Architectural Side Channels in Cloud Computing

Architectural Side Channels in Cloud Computing

Similar presentations

Ads by Google