SlideShare une entreprise Scribd logo

Cache based side_channel_attacks Anestis Bechtsoudis

Télécharger en tant que PPT, PDF
Information Security Awareness Group
Information Security Awareness Group

Cache based side_channel_attacks Anestis Bechtsoudis

TechnologieActualités & Politique
1  sur  25
LOGO New Cache Designs for Thwarting Software Cache-based Side Channel Attacks - Z. Wang & R. B. Lee Anestis Bechtsoudis mpechtsoud@ceid.upatras.gr Patra 2010
Cache Based Side Channel Attacks Contents 1 Introduction 2 Threat Model and Attacks 3 Proposed Models 4 Evaluation 5 Conclusions 2 COMPANY LOGO
Cache Based Side Channel Attacks 1. Introduction 3 COMPANY LOGO
Cache Based Side Channel Attacks Introduction 1/4  Information intensive society – imperative need for security  Design of cryptographic systems to ensure the data protection  Extensive test to cryptosystems over time  Cryptanalysis: the study of techniques to reveal the secret parameters of a security system 4 COMPANY LOGO
Cache Based Side Channel Attacks Introduction 2/4  Classical cryptanalysis approach  Weaknesses in the algorithm – mathematical model  Attacks based on: ciphertext-only, known plaintext, chosen plaintext/ciphertext …  Black box approach of the cryptosystem  The cryptographic primitive is actually implemented in hardware  Modern cryptanalysis: attacker knows much more for the device – side channel leakage 5 COMPANY LOGO
Cache Based Side Channel Attacks Introduction 3/4 6 COMPANY LOGO
Cache Based Side Channel Attacks Introduction 4/4 7 COMPANY LOGO
Cache Based Side Channel Attacks 2. Threat Model and Attacks 8 COMPANY LOGO
Cache Based Side Channel Attacks Threat Model and Attacks 1/6  Goal of the adversary is to learn information that he has no legitimate access to  Adversary: one or more unprivileged user processes, including remote clients, in the server where the secrets are processed  No physical access to the device  Goal achieved by performing legitimate operations – normal process  Victim and adversary are isolated processes 9 COMPANY LOGO
Cache Based Side Channel Attacks Threat Model and Attacks 2/6 Percival’s attack on OpenSSL implementation of RSA algorithm in a SMT CPU  RSA core operation: modulo exponentiation – implemented with a series of ^2 and *  The encryption key is divided into segments  For each *, a multiplier is selected from precomputed constants stored in a LUT  Segment of key is used to index the LUT 10 COMPANY LOGO
Cache Based Side Channel Attacks Threat Model and Attacks 3/6  Attacker manages to run simultaneously  Attack process sequentially and repeatedly accesses an array, thus loading data to occupy all cache lines  At the same time he measures the delay for each access to detect cache misses (ex. rdtsc timer in intel x86)  Victim’s cache accesses evict attacker’s data, enabling detection from the attacker 11 COMPANY LOGO
Cache Based Side Channel Attacks Threat Model and Attacks 4/6 Cache RAM RSA Attacker  The attacker can identify which table entry is accessed -> the index used -> segment of the key 12 COMPANY LOGO
Cache Based Side Channel Attacks Threat Model and Attacks 5/6 Bernstein’s Attack on AES  AES - “Black Box” software module  Give inputs and measure computation time  The execution time is input dependant and can be exploited to recover secret key  Attack consists of three phases: Learning, Attacking and Key Recovery  Statistical correlation analysis 13 COMPANY LOGO
Cache Based Side Channel Attacks Threat Model and Attacks 6/6 14 COMPANY LOGO
Cache Based Side Channel Attacks 3. Proposed Models 15 COMPANY LOGO
Cache Based Side Channel Attacks Proposed Models 1/4  Problem -> Directly or indirectly cache interference  Learn from attacks and rewrite software  Solutions are attack specific and performance degradation (2x, 4x slower)  Authors attempt to eliminate the root cause with minimum impact and low cost  Ideas -> Partitioning - Randomization 16 COMPANY LOGO
Cache Based Side Channel Attacks Proposed Models 2/4 Partition-Locked Cache (PLCache) L ID Original Cache Line 17 COMPANY LOGO
Cache Based Side Channel Attacks Proposed Models 3/4 Random Permutation Cache (RPCache)  Introduce randomization factor – no useful information about which cache lines evicted  Memory-to-cache mappings 18 COMPANY LOGO
Cache Based Side Channel Attacks Proposed Models 4/4 19 COMPANY LOGO
Cache Based Side Channel Attacks 4. Evaluation 20 COMPANY LOGO
Cache Based Side Channel Attacks Evaluation 1/  OpenSSL 0.9.7a AES implementation  Traditional cache, L1 PLCache and L1 RPCache  5KByte AES protected data  L2 large enough – no performance impact 21 COMPANY LOGO
Cache Based Side Channel Attacks Evaluation 1/  PLCache & RPCache implemented in M-Sim v2.0 22 COMPANY LOGO
Cache Based Side Channel Attacks 5. Conclusions 23 COMPANY LOGO
Cache Based Side Channel Attacks Conclusions  Cache-based side channel attacks can harm general purpose cache based systems  Software solution -> attack specific  Hardware solutions -> general purpose  PLCache: minimal hardware cost – software developer must use different API  RPCache: area & complexity in hardware – no special treatment from software developers 24 COMPANY LOGO
LOGO Anestis Bechtsoudis mpechtsoud@ceid.upatras.gr Patra 2010

Recommandé

Hacking Cisco
Hacking CiscoHacking Cisco
Hacking Cisco
guestd05b31
 
Remote file path traversal attacks for fun and profit
Remote file path traversal attacks for fun and profitRemote file path traversal attacks for fun and profit
Remote file path traversal attacks for fun and profit
Dharmalingam Ganesan
 
[CB21] Appearances are deceiving: Novel offensive techniques in Windows 10/11...
[CB21] Appearances are deceiving: Novel offensive techniques in Windows 10/11...[CB21] Appearances are deceiving: Novel offensive techniques in Windows 10/11...
[CB21] Appearances are deceiving: Novel offensive techniques in Windows 10/11...
CODE BLUE
 
Eloi Sanfelix - Hardware security: Side Channel Attacks [RootedCON 2011]
Eloi Sanfelix - Hardware security: Side Channel Attacks [RootedCON 2011]Eloi Sanfelix - Hardware security: Side Channel Attacks [RootedCON 2011]
Eloi Sanfelix - Hardware security: Side Channel Attacks [RootedCON 2011]
RootedCON
 
MIT Bitcoin Expo 2018 - Hardware Wallets Security
MIT Bitcoin Expo 2018 - Hardware Wallets SecurityMIT Bitcoin Expo 2018 - Hardware Wallets Security
MIT Bitcoin Expo 2018 - Hardware Wallets Security
Charles Guillemet
 
Clang: More than just a C/C++ Compiler
Clang: More than just a C/C++ CompilerClang: More than just a C/C++ Compiler
Clang: More than just a C/C++ Compiler
Samsung Open Source Group
 
Frontend Security: Applying Contextual Escaping Automatically, or How to Stop...
Frontend Security: Applying Contextual Escaping Automatically, or How to Stop...Frontend Security: Applying Contextual Escaping Automatically, or How to Stop...
Frontend Security: Applying Contextual Escaping Automatically, or How to Stop...
adonatwork
 
CONFidence 2018: Who and why should fear hardware trojans? (Adam Kostrzewa)
CONFidence 2018: Who and why should fear hardware trojans? (Adam Kostrzewa)CONFidence 2018: Who and why should fear hardware trojans? (Adam Kostrzewa)
CONFidence 2018: Who and why should fear hardware trojans? (Adam Kostrzewa)
PROIDEA
 

Recommandé

Hacking Cisco
Hacking CiscoHacking Cisco
Hacking Cisco
guestd05b31
 
Remote file path traversal attacks for fun and profit
Remote file path traversal attacks for fun and profitRemote file path traversal attacks for fun and profit
Remote file path traversal attacks for fun and profit
Dharmalingam Ganesan
 
[CB21] Appearances are deceiving: Novel offensive techniques in Windows 10/11...
[CB21] Appearances are deceiving: Novel offensive techniques in Windows 10/11...[CB21] Appearances are deceiving: Novel offensive techniques in Windows 10/11...
[CB21] Appearances are deceiving: Novel offensive techniques in Windows 10/11...
CODE BLUE
 
Eloi Sanfelix - Hardware security: Side Channel Attacks [RootedCON 2011]
Eloi Sanfelix - Hardware security: Side Channel Attacks [RootedCON 2011]Eloi Sanfelix - Hardware security: Side Channel Attacks [RootedCON 2011]
Eloi Sanfelix - Hardware security: Side Channel Attacks [RootedCON 2011]
RootedCON
 
MIT Bitcoin Expo 2018 - Hardware Wallets Security
MIT Bitcoin Expo 2018 - Hardware Wallets SecurityMIT Bitcoin Expo 2018 - Hardware Wallets Security
MIT Bitcoin Expo 2018 - Hardware Wallets Security
Charles Guillemet
 
Clang: More than just a C/C++ Compiler
Clang: More than just a C/C++ CompilerClang: More than just a C/C++ Compiler
Clang: More than just a C/C++ Compiler
Samsung Open Source Group
 
Frontend Security: Applying Contextual Escaping Automatically, or How to Stop...
Frontend Security: Applying Contextual Escaping Automatically, or How to Stop...Frontend Security: Applying Contextual Escaping Automatically, or How to Stop...
Frontend Security: Applying Contextual Escaping Automatically, or How to Stop...
adonatwork
 
CONFidence 2018: Who and why should fear hardware trojans? (Adam Kostrzewa)
CONFidence 2018: Who and why should fear hardware trojans? (Adam Kostrzewa)CONFidence 2018: Who and why should fear hardware trojans? (Adam Kostrzewa)
CONFidence 2018: Who and why should fear hardware trojans? (Adam Kostrzewa)
PROIDEA
 
Отчет Audit report RAPID7
Отчет Audit report RAPID7 Отчет Audit report RAPID7
Отчет Audit report RAPID7
Sergey Yrievich
 
Report PAPID 7
Report PAPID 7Report PAPID 7
Report PAPID 7
Sergey Yrievich
 
2010.hari_kannan.phd_thesis.slides.pdf
2010.hari_kannan.phd_thesis.slides.pdf2010.hari_kannan.phd_thesis.slides.pdf
2010.hari_kannan.phd_thesis.slides.pdf
AlexKarasulu1
 
20100309 03 - Vulnerability analysis (McCabe)
20100309 03 - Vulnerability analysis (McCabe)20100309 03 - Vulnerability analysis (McCabe)
20100309 03 - Vulnerability analysis (McCabe)
LeClubQualiteLogicielle
 
Wireshark Inroduction Li In
Wireshark Inroduction Li InWireshark Inroduction Li In
Wireshark Inroduction Li In
mhaviv
 
ENPM808 Independent Study Final Report - amaster 2019
ENPM808 Independent Study Final Report - amaster 2019ENPM808 Independent Study Final Report - amaster 2019
ENPM808 Independent Study Final Report - amaster 2019
Alexander Master
 
Automated prevention of ransomware with machine learning and gpos
Automated prevention of ransomware with machine learning and gposAutomated prevention of ransomware with machine learning and gpos
Automated prevention of ransomware with machine learning and gpos
Priyanka Aash
 
SPO2-T11_Automated-Prevention-of-Ransomware-with-Machine-Learning-and-GPOs
SPO2-T11_Automated-Prevention-of-Ransomware-with-Machine-Learning-and-GPOsSPO2-T11_Automated-Prevention-of-Ransomware-with-Machine-Learning-and-GPOs
SPO2-T11_Automated-Prevention-of-Ransomware-with-Machine-Learning-and-GPOs
Rod Soto
 
Tricky sample? Hack it easy! Applying dynamic binary inastrumentation to ligh...
Tricky sample? Hack it easy! Applying dynamic binary inastrumentation to ligh...Tricky sample? Hack it easy! Applying dynamic binary inastrumentation to ligh...
Tricky sample? Hack it easy! Applying dynamic binary inastrumentation to ligh...
Maksim Shudrak
 
Pacemaker+DRBD
Pacemaker+DRBDPacemaker+DRBD
Pacemaker+DRBD
Dan Frincu
 
Monitoring ICS Communications
Monitoring ICS CommunicationsMonitoring ICS Communications
Monitoring ICS Communications
Digital Bond
 
Linux binary analysis and exploitation
Linux binary analysis and exploitationLinux binary analysis and exploitation
Linux binary analysis and exploitation
Dharmalingam Ganesan
 
Big Data for Security - DNS Analytics
Big Data for Security - DNS AnalyticsBig Data for Security - DNS Analytics
Big Data for Security - DNS Analytics
Marco Casassa Mont
 
Streaming meetup
Streaming meetupStreaming meetup
Streaming meetup
karthik_krk
 
Designing and implementing malicious processors
Designing and implementing malicious processorsDesigning and implementing malicious processors
Designing and implementing malicious processors
NebyueAwoke
 
Ceph Day Shanghai - On the Productization Practice of Ceph
Ceph Day Shanghai - On the Productization Practice of Ceph Ceph Day Shanghai - On the Productization Practice of Ceph
Ceph Day Shanghai - On the Productization Practice of Ceph
Ceph Community
 
ASIP (Application-specific instruction-set processor)
ASIP (Application-specific instruction-set processor)ASIP (Application-specific instruction-set processor)
ASIP (Application-specific instruction-set processor)
Hamid Reza
 
Procuring the Anomaly Packets and Accountability Detection in the Network
Procuring the Anomaly Packets and Accountability Detection in the NetworkProcuring the Anomaly Packets and Accountability Detection in the Network
Procuring the Anomaly Packets and Accountability Detection in the Network
IOSR Journals
 
IJCSE Paper
IJCSE PaperIJCSE Paper
IJCSE Paper
Sowmya Kambhampati
 
Summarizing Software API Usage Examples Using Clustering Techniques
Summarizing Software API Usage Examples Using Clustering TechniquesSummarizing Software API Usage Examples Using Clustering Techniques
Summarizing Software API Usage Examples Using Clustering Techniques
Nikos Katirtzis
 
Securing the Data in Big Data Security Analytics by Kevin Bowers, Nikos Trian...
Securing the Data in Big Data Security Analytics by Kevin Bowers, Nikos Trian...Securing the Data in Big Data Security Analytics by Kevin Bowers, Nikos Trian...
Securing the Data in Big Data Security Analytics by Kevin Bowers, Nikos Trian...
Information Security Awareness Group
 
Mobile Device Security by Michael Gong, Jake Kreider, Chris Lugo, Kwame Osaf...
Mobile Device Security by Michael Gong, Jake Kreider, Chris Lugo, Kwame Osaf... Mobile Device Security by Michael Gong, Jake Kreider, Chris Lugo, Kwame Osaf...
Mobile Device Security by Michael Gong, Jake Kreider, Chris Lugo, Kwame Osaf...
Information Security Awareness Group
 

Contenu connexe

Similaire à Cache based side_channel_attacks Anestis Bechtsoudis

SPO2-T11_Automated-Prevention-of-Ransomware-with-Machine-Learning-and-GPOs
SPO2-T11_Automated-Prevention-of-Ransomware-with-Machine-Learning-and-GPOsSPO2-T11_Automated-Prevention-of-Ransomware-with-Machine-Learning-and-GPOs
SPO2-T11_Automated-Prevention-of-Ransomware-with-Machine-Learning-and-GPOs
Rod Soto
 
Tricky sample? Hack it easy! Applying dynamic binary inastrumentation to ligh...
Tricky sample? Hack it easy! Applying dynamic binary inastrumentation to ligh...Tricky sample? Hack it easy! Applying dynamic binary inastrumentation to ligh...
Tricky sample? Hack it easy! Applying dynamic binary inastrumentation to ligh...
Maksim Shudrak
 
Pacemaker+DRBD
Pacemaker+DRBDPacemaker+DRBD
Pacemaker+DRBD
Dan Frincu
 
Ceph Day Shanghai - On the Productization Practice of Ceph
Ceph Day Shanghai - On the Productization Practice of Ceph Ceph Day Shanghai - On the Productization Practice of Ceph
Ceph Day Shanghai - On the Productization Practice of Ceph
Ceph Community
 

Similaire à Cache based side_channel_attacks Anestis Bechtsoudis (20)

Отчет Audit report RAPID7
Отчет Audit report RAPID7 Отчет Audit report RAPID7
Отчет Audit report RAPID7
 
Report PAPID 7
Report PAPID 7Report PAPID 7
Report PAPID 7
 
2010.hari_kannan.phd_thesis.slides.pdf
2010.hari_kannan.phd_thesis.slides.pdf2010.hari_kannan.phd_thesis.slides.pdf
2010.hari_kannan.phd_thesis.slides.pdf
 
20100309 03 - Vulnerability analysis (McCabe)
20100309 03 - Vulnerability analysis (McCabe)20100309 03 - Vulnerability analysis (McCabe)
20100309 03 - Vulnerability analysis (McCabe)
 
Wireshark Inroduction Li In
Wireshark Inroduction Li InWireshark Inroduction Li In
Wireshark Inroduction Li In
 
ENPM808 Independent Study Final Report - amaster 2019
ENPM808 Independent Study Final Report - amaster 2019ENPM808 Independent Study Final Report - amaster 2019
ENPM808 Independent Study Final Report - amaster 2019
 
Automated prevention of ransomware with machine learning and gpos
Automated prevention of ransomware with machine learning and gposAutomated prevention of ransomware with machine learning and gpos
Automated prevention of ransomware with machine learning and gpos
 
SPO2-T11_Automated-Prevention-of-Ransomware-with-Machine-Learning-and-GPOs
SPO2-T11_Automated-Prevention-of-Ransomware-with-Machine-Learning-and-GPOsSPO2-T11_Automated-Prevention-of-Ransomware-with-Machine-Learning-and-GPOs
SPO2-T11_Automated-Prevention-of-Ransomware-with-Machine-Learning-and-GPOs
 
Tricky sample? Hack it easy! Applying dynamic binary inastrumentation to ligh...
Tricky sample? Hack it easy! Applying dynamic binary inastrumentation to ligh...Tricky sample? Hack it easy! Applying dynamic binary inastrumentation to ligh...
Tricky sample? Hack it easy! Applying dynamic binary inastrumentation to ligh...
 
Pacemaker+DRBD
Pacemaker+DRBDPacemaker+DRBD
Pacemaker+DRBD
 
Monitoring ICS Communications
Monitoring ICS CommunicationsMonitoring ICS Communications
Monitoring ICS Communications
 
Linux binary analysis and exploitation
Linux binary analysis and exploitationLinux binary analysis and exploitation
Linux binary analysis and exploitation
 
Big Data for Security - DNS Analytics
Big Data for Security - DNS AnalyticsBig Data for Security - DNS Analytics
Big Data for Security - DNS Analytics
 
Streaming meetup
Streaming meetupStreaming meetup
Streaming meetup
 
Designing and implementing malicious processors
Designing and implementing malicious processorsDesigning and implementing malicious processors
Designing and implementing malicious processors
 
Ceph Day Shanghai - On the Productization Practice of Ceph
Ceph Day Shanghai - On the Productization Practice of Ceph Ceph Day Shanghai - On the Productization Practice of Ceph
Ceph Day Shanghai - On the Productization Practice of Ceph
 
ASIP (Application-specific instruction-set processor)
ASIP (Application-specific instruction-set processor)ASIP (Application-specific instruction-set processor)
ASIP (Application-specific instruction-set processor)
 
Procuring the Anomaly Packets and Accountability Detection in the Network
Procuring the Anomaly Packets and Accountability Detection in the NetworkProcuring the Anomaly Packets and Accountability Detection in the Network
Procuring the Anomaly Packets and Accountability Detection in the Network
 
IJCSE Paper
IJCSE PaperIJCSE Paper
IJCSE Paper
 
Summarizing Software API Usage Examples Using Clustering Techniques
Summarizing Software API Usage Examples Using Clustering TechniquesSummarizing Software API Usage Examples Using Clustering Techniques
Summarizing Software API Usage Examples Using Clustering Techniques
 

Plus de Information Security Awareness Group

Plus de Information Security Awareness Group (20)

Securing the Data in Big Data Security Analytics by Kevin Bowers, Nikos Trian...
Securing the Data in Big Data Security Analytics by Kevin Bowers, Nikos Trian...Securing the Data in Big Data Security Analytics by Kevin Bowers, Nikos Trian...
Securing the Data in Big Data Security Analytics by Kevin Bowers, Nikos Trian...
 
Mobile Device Security by Michael Gong, Jake Kreider, Chris Lugo, Kwame Osaf...
Mobile Device Security by Michael Gong, Jake Kreider, Chris Lugo, Kwame Osaf... Mobile Device Security by Michael Gong, Jake Kreider, Chris Lugo, Kwame Osaf...
Mobile Device Security by Michael Gong, Jake Kreider, Chris Lugo, Kwame Osaf...
 
Mobile Devices – Using Without Losing Mark K. Mellis, Associate Information S...
Mobile Devices – Using Without Losing Mark K. Mellis, Associate Information S...Mobile Devices – Using Without Losing Mark K. Mellis, Associate Information S...
Mobile Devices – Using Without Losing Mark K. Mellis, Associate Information S...
 
IBM Security Strategy Intelligence,
IBM Security Strategy Intelligence,IBM Security Strategy Intelligence,
IBM Security Strategy Intelligence,
 
Addressing Big Data Security Challenges: The Right Tools for Smart Protection...
Addressing Big Data Security Challenges: The Right Tools for Smart Protection...Addressing Big Data Security Challenges: The Right Tools for Smart Protection...
Addressing Big Data Security Challenges: The Right Tools for Smart Protection...
 
Big data analysis concepts and references by Cloud Security Alliance
Big data analysis concepts and references by Cloud Security AllianceBig data analysis concepts and references by Cloud Security Alliance
Big data analysis concepts and references by Cloud Security Alliance
 
Big data analysis concepts and references
Big data analysis concepts and referencesBig data analysis concepts and references
Big data analysis concepts and references
 
PKI by Tim Polk
PKI by Tim PolkPKI by Tim Polk
PKI by Tim Polk
 
Authorization Policy in a PKI Environment Mary Thompson Srilekha Mudumbai A...
Authorization Policy in a PKI Environment Mary Thompson Srilekha Mudumbai A... Authorization Policy in a PKI Environment Mary Thompson Srilekha Mudumbai A...
Authorization Policy in a PKI Environment Mary Thompson Srilekha Mudumbai A...
 
Pki by Steve Lamb
Pki by Steve LambPki by Steve Lamb
Pki by Steve Lamb
 
PKI by Gene Itkis
PKI by Gene ItkisPKI by Gene Itkis
PKI by Gene Itkis
 
Introduction to distributed security concepts and public key infrastructure m...
Introduction to distributed security concepts and public key infrastructure m...Introduction to distributed security concepts and public key infrastructure m...
Introduction to distributed security concepts and public key infrastructure m...
 
OThe Open Science Grid: Concepts and Patterns Ruth Pordes, Mine Altunay, Bria...
OThe Open Science Grid: Concepts and Patterns Ruth Pordes, Mine Altunay, Bria...OThe Open Science Grid: Concepts and Patterns Ruth Pordes, Mine Altunay, Bria...
OThe Open Science Grid: Concepts and Patterns Ruth Pordes, Mine Altunay, Bria...
 
Optimal Security Response to Attacks on Open Science Grids Mine Altunay, Sven...
Optimal Security Response to Attacks on Open Science Grids Mine Altunay, Sven...Optimal Security Response to Attacks on Open Science Grids Mine Altunay, Sven...
Optimal Security Response to Attacks on Open Science Grids Mine Altunay, Sven...
 
THE OPEN SCIENCE GRID Ruth Pordes
THE OPEN SCIENCE GRID Ruth PordesTHE OPEN SCIENCE GRID Ruth Pordes
THE OPEN SCIENCE GRID Ruth Pordes
 
Open Science Grid security-atlas-t2 Bob Cowles
Open Science Grid security-atlas-t2 Bob CowlesOpen Science Grid security-atlas-t2 Bob Cowles
Open Science Grid security-atlas-t2 Bob Cowles
 
Security Open Science Grid Doug Olson
Security Open Science Grid Doug OlsonSecurity Open Science Grid Doug Olson
Security Open Science Grid Doug Olson
 
Open Science Group Security Kevin Hill
Open Science Group Security Kevin HillOpen Science Group Security Kevin Hill
Open Science Group Security Kevin Hill
 
Xrootd proxies Andrew Hanushevsky
Xrootd proxies Andrew HanushevskyXrootd proxies Andrew Hanushevsky
Xrootd proxies Andrew Hanushevsky
 
Privilege Project Vikram Andem
Privilege Project Vikram AndemPrivilege Project Vikram Andem
Privilege Project Vikram Andem
 

Dernier

Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
Delhi Call girls
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
Delhi Call girls
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Igalia
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
Delhi Call girls
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Safe Software
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
Malak Abu Hammad
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
Enterprise Knowledge
 

Dernier (20)

Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 

Cache based side_channel_attacks Anestis Bechtsoudis

  • 1. LOGO New Cache Designs for Thwarting Software Cache-based Side Channel Attacks - Z. Wang & R. B. Lee Anestis Bechtsoudis mpechtsoud@ceid.upatras.gr Patra 2010
  • 2. Cache Based Side Channel Attacks Contents 1 Introduction 2 Threat Model and Attacks 3 Proposed Models 4 Evaluation 5 Conclusions 2 COMPANY LOGO
  • 3. Cache Based Side Channel Attacks 1. Introduction 3 COMPANY LOGO
  • 4. Cache Based Side Channel Attacks Introduction 1/4  Information intensive society – imperative need for security  Design of cryptographic systems to ensure the data protection  Extensive test to cryptosystems over time  Cryptanalysis: the study of techniques to reveal the secret parameters of a security system 4 COMPANY LOGO
  • 5. Cache Based Side Channel Attacks Introduction 2/4  Classical cryptanalysis approach  Weaknesses in the algorithm – mathematical model  Attacks based on: ciphertext-only, known plaintext, chosen plaintext/ciphertext …  Black box approach of the cryptosystem  The cryptographic primitive is actually implemented in hardware  Modern cryptanalysis: attacker knows much more for the device – side channel leakage 5 COMPANY LOGO
  • 6. Cache Based Side Channel Attacks Introduction 3/4 6 COMPANY LOGO
  • 7. Cache Based Side Channel Attacks Introduction 4/4 7 COMPANY LOGO
  • 8. Cache Based Side Channel Attacks 2. Threat Model and Attacks 8 COMPANY LOGO
  • 9. Cache Based Side Channel Attacks Threat Model and Attacks 1/6  Goal of the adversary is to learn information that he has no legitimate access to  Adversary: one or more unprivileged user processes, including remote clients, in the server where the secrets are processed  No physical access to the device  Goal achieved by performing legitimate operations – normal process  Victim and adversary are isolated processes 9 COMPANY LOGO
  • 10. Cache Based Side Channel Attacks Threat Model and Attacks 2/6 Percival’s attack on OpenSSL implementation of RSA algorithm in a SMT CPU  RSA core operation: modulo exponentiation – implemented with a series of ^2 and *  The encryption key is divided into segments  For each *, a multiplier is selected from precomputed constants stored in a LUT  Segment of key is used to index the LUT 10 COMPANY LOGO
  • 11. Cache Based Side Channel Attacks Threat Model and Attacks 3/6  Attacker manages to run simultaneously  Attack process sequentially and repeatedly accesses an array, thus loading data to occupy all cache lines  At the same time he measures the delay for each access to detect cache misses (ex. rdtsc timer in intel x86)  Victim’s cache accesses evict attacker’s data, enabling detection from the attacker 11 COMPANY LOGO
  • 12. Cache Based Side Channel Attacks Threat Model and Attacks 4/6 Cache RAM RSA Attacker  The attacker can identify which table entry is accessed -> the index used -> segment of the key 12 COMPANY LOGO
  • 13. Cache Based Side Channel Attacks Threat Model and Attacks 5/6 Bernstein’s Attack on AES  AES - “Black Box” software module  Give inputs and measure computation time  The execution time is input dependant and can be exploited to recover secret key  Attack consists of three phases: Learning, Attacking and Key Recovery  Statistical correlation analysis 13 COMPANY LOGO
  • 14. Cache Based Side Channel Attacks Threat Model and Attacks 6/6 14 COMPANY LOGO
  • 15. Cache Based Side Channel Attacks 3. Proposed Models 15 COMPANY LOGO
  • 16. Cache Based Side Channel Attacks Proposed Models 1/4  Problem -> Directly or indirectly cache interference  Learn from attacks and rewrite software  Solutions are attack specific and performance degradation (2x, 4x slower)  Authors attempt to eliminate the root cause with minimum impact and low cost  Ideas -> Partitioning - Randomization 16 COMPANY LOGO
  • 17. Cache Based Side Channel Attacks Proposed Models 2/4 Partition-Locked Cache (PLCache) L ID Original Cache Line 17 COMPANY LOGO
  • 18. Cache Based Side Channel Attacks Proposed Models 3/4 Random Permutation Cache (RPCache)  Introduce randomization factor – no useful information about which cache lines evicted  Memory-to-cache mappings 18 COMPANY LOGO
  • 19. Cache Based Side Channel Attacks Proposed Models 4/4 19 COMPANY LOGO
  • 20. Cache Based Side Channel Attacks 4. Evaluation 20 COMPANY LOGO
  • 21. Cache Based Side Channel Attacks Evaluation 1/  OpenSSL 0.9.7a AES implementation  Traditional cache, L1 PLCache and L1 RPCache  5KByte AES protected data  L2 large enough – no performance impact 21 COMPANY LOGO
  • 22. Cache Based Side Channel Attacks Evaluation 1/  PLCache & RPCache implemented in M-Sim v2.0 22 COMPANY LOGO
  • 23. Cache Based Side Channel Attacks 5. Conclusions 23 COMPANY LOGO
  • 24. Cache Based Side Channel Attacks Conclusions  Cache-based side channel attacks can harm general purpose cache based systems  Software solution -> attack specific  Hardware solutions -> general purpose  PLCache: minimal hardware cost – software developer must use different API  RPCache: area & complexity in hardware – no special treatment from software developers 24 COMPANY LOGO