SlideShare ist ein Scribd-Unternehmen logo

Cache based side_channel_attacks Anestis Bechtsoudis

Als PPT, PDF herunterladen
Information Security Awareness Group
Information Security Awareness Group

Cache based side_channel_attacks Anestis Bechtsoudis

TechnologieNews & Politik
1 von 25
LOGO New Cache Designs for Thwarting Software Cache-based Side Channel Attacks - Z. Wang & R. B. Lee Anestis Bechtsoudis mpechtsoud@ceid.upatras.gr Patra 2010
Cache Based Side Channel Attacks Contents 1 Introduction 2 Threat Model and Attacks 3 Proposed Models 4 Evaluation 5 Conclusions 2 COMPANY LOGO
Cache Based Side Channel Attacks 1. Introduction 3 COMPANY LOGO
Cache Based Side Channel Attacks Introduction 1/4  Information intensive society – imperative need for security  Design of cryptographic systems to ensure the data protection  Extensive test to cryptosystems over time  Cryptanalysis: the study of techniques to reveal the secret parameters of a security system 4 COMPANY LOGO
Cache Based Side Channel Attacks Introduction 2/4  Classical cryptanalysis approach  Weaknesses in the algorithm – mathematical model  Attacks based on: ciphertext-only, known plaintext, chosen plaintext/ciphertext …  Black box approach of the cryptosystem  The cryptographic primitive is actually implemented in hardware  Modern cryptanalysis: attacker knows much more for the device – side channel leakage 5 COMPANY LOGO
Cache Based Side Channel Attacks Introduction 3/4 6 COMPANY LOGO
Cache Based Side Channel Attacks Introduction 4/4 7 COMPANY LOGO
Cache Based Side Channel Attacks 2. Threat Model and Attacks 8 COMPANY LOGO
Cache Based Side Channel Attacks Threat Model and Attacks 1/6  Goal of the adversary is to learn information that he has no legitimate access to  Adversary: one or more unprivileged user processes, including remote clients, in the server where the secrets are processed  No physical access to the device  Goal achieved by performing legitimate operations – normal process  Victim and adversary are isolated processes 9 COMPANY LOGO
Cache Based Side Channel Attacks Threat Model and Attacks 2/6 Percival’s attack on OpenSSL implementation of RSA algorithm in a SMT CPU  RSA core operation: modulo exponentiation – implemented with a series of ^2 and *  The encryption key is divided into segments  For each *, a multiplier is selected from precomputed constants stored in a LUT  Segment of key is used to index the LUT 10 COMPANY LOGO
Cache Based Side Channel Attacks Threat Model and Attacks 3/6  Attacker manages to run simultaneously  Attack process sequentially and repeatedly accesses an array, thus loading data to occupy all cache lines  At the same time he measures the delay for each access to detect cache misses (ex. rdtsc timer in intel x86)  Victim’s cache accesses evict attacker’s data, enabling detection from the attacker 11 COMPANY LOGO
Cache Based Side Channel Attacks Threat Model and Attacks 4/6 Cache RAM RSA Attacker  The attacker can identify which table entry is accessed -> the index used -> segment of the key 12 COMPANY LOGO
Cache Based Side Channel Attacks Threat Model and Attacks 5/6 Bernstein’s Attack on AES  AES - “Black Box” software module  Give inputs and measure computation time  The execution time is input dependant and can be exploited to recover secret key  Attack consists of three phases: Learning, Attacking and Key Recovery  Statistical correlation analysis 13 COMPANY LOGO
Cache Based Side Channel Attacks Threat Model and Attacks 6/6 14 COMPANY LOGO
Cache Based Side Channel Attacks 3. Proposed Models 15 COMPANY LOGO
Cache Based Side Channel Attacks Proposed Models 1/4  Problem -> Directly or indirectly cache interference  Learn from attacks and rewrite software  Solutions are attack specific and performance degradation (2x, 4x slower)  Authors attempt to eliminate the root cause with minimum impact and low cost  Ideas -> Partitioning - Randomization 16 COMPANY LOGO
Cache Based Side Channel Attacks Proposed Models 2/4 Partition-Locked Cache (PLCache) L ID Original Cache Line 17 COMPANY LOGO
Cache Based Side Channel Attacks Proposed Models 3/4 Random Permutation Cache (RPCache)  Introduce randomization factor – no useful information about which cache lines evicted  Memory-to-cache mappings 18 COMPANY LOGO
Cache Based Side Channel Attacks Proposed Models 4/4 19 COMPANY LOGO
Cache Based Side Channel Attacks 4. Evaluation 20 COMPANY LOGO
Cache Based Side Channel Attacks Evaluation 1/  OpenSSL 0.9.7a AES implementation  Traditional cache, L1 PLCache and L1 RPCache  5KByte AES protected data  L2 large enough – no performance impact 21 COMPANY LOGO
Cache Based Side Channel Attacks Evaluation 1/  PLCache & RPCache implemented in M-Sim v2.0 22 COMPANY LOGO
Cache Based Side Channel Attacks 5. Conclusions 23 COMPANY LOGO
Cache Based Side Channel Attacks Conclusions  Cache-based side channel attacks can harm general purpose cache based systems  Software solution -> attack specific  Hardware solutions -> general purpose  PLCache: minimal hardware cost – software developer must use different API  RPCache: area & complexity in hardware – no special treatment from software developers 24 COMPANY LOGO
LOGO Anestis Bechtsoudis mpechtsoud@ceid.upatras.gr Patra 2010

Empfohlen

Hacking Cisco
Hacking CiscoHacking Cisco
Hacking Ciscoguestd05b31
 
Remote file path traversal attacks for fun and profit
Remote file path traversal attacks for fun and profitRemote file path traversal attacks for fun and profit
Remote file path traversal attacks for fun and profitDharmalingam Ganesan
 
[CB21] Appearances are deceiving: Novel offensive techniques in Windows 10/11...
[CB21] Appearances are deceiving: Novel offensive techniques in Windows 10/11...[CB21] Appearances are deceiving: Novel offensive techniques in Windows 10/11...
[CB21] Appearances are deceiving: Novel offensive techniques in Windows 10/11...CODE BLUE
 
Eloi Sanfelix - Hardware security: Side Channel Attacks [RootedCON 2011]
Eloi Sanfelix - Hardware security: Side Channel Attacks [RootedCON 2011]Eloi Sanfelix - Hardware security: Side Channel Attacks [RootedCON 2011]
Eloi Sanfelix - Hardware security: Side Channel Attacks [RootedCON 2011]RootedCON
 
MIT Bitcoin Expo 2018 - Hardware Wallets Security
MIT Bitcoin Expo 2018 - Hardware Wallets SecurityMIT Bitcoin Expo 2018 - Hardware Wallets Security
MIT Bitcoin Expo 2018 - Hardware Wallets SecurityCharles Guillemet
 
Clang: More than just a C/C++ Compiler
Clang: More than just a C/C++ CompilerClang: More than just a C/C++ Compiler
Clang: More than just a C/C++ CompilerSamsung Open Source Group
 
Frontend Security: Applying Contextual Escaping Automatically, or How to Stop...
Frontend Security: Applying Contextual Escaping Automatically, or How to Stop...Frontend Security: Applying Contextual Escaping Automatically, or How to Stop...
Frontend Security: Applying Contextual Escaping Automatically, or How to Stop...adonatwork
 
CONFidence 2018: Who and why should fear hardware trojans? (Adam Kostrzewa)
CONFidence 2018: Who and why should fear hardware trojans? (Adam Kostrzewa)CONFidence 2018: Who and why should fear hardware trojans? (Adam Kostrzewa)
CONFidence 2018: Who and why should fear hardware trojans? (Adam Kostrzewa)PROIDEA
 

Empfohlen

Hacking Cisco
Hacking CiscoHacking Cisco
Hacking Ciscoguestd05b31
 
Remote file path traversal attacks for fun and profit
Remote file path traversal attacks for fun and profitRemote file path traversal attacks for fun and profit
Remote file path traversal attacks for fun and profitDharmalingam Ganesan
 
[CB21] Appearances are deceiving: Novel offensive techniques in Windows 10/11...
[CB21] Appearances are deceiving: Novel offensive techniques in Windows 10/11...[CB21] Appearances are deceiving: Novel offensive techniques in Windows 10/11...
[CB21] Appearances are deceiving: Novel offensive techniques in Windows 10/11...CODE BLUE
 
Eloi Sanfelix - Hardware security: Side Channel Attacks [RootedCON 2011]
Eloi Sanfelix - Hardware security: Side Channel Attacks [RootedCON 2011]Eloi Sanfelix - Hardware security: Side Channel Attacks [RootedCON 2011]
Eloi Sanfelix - Hardware security: Side Channel Attacks [RootedCON 2011]RootedCON
 
MIT Bitcoin Expo 2018 - Hardware Wallets Security
MIT Bitcoin Expo 2018 - Hardware Wallets SecurityMIT Bitcoin Expo 2018 - Hardware Wallets Security
MIT Bitcoin Expo 2018 - Hardware Wallets SecurityCharles Guillemet
 
Clang: More than just a C/C++ Compiler
Clang: More than just a C/C++ CompilerClang: More than just a C/C++ Compiler
Clang: More than just a C/C++ CompilerSamsung Open Source Group
 
Frontend Security: Applying Contextual Escaping Automatically, or How to Stop...
Frontend Security: Applying Contextual Escaping Automatically, or How to Stop...Frontend Security: Applying Contextual Escaping Automatically, or How to Stop...
Frontend Security: Applying Contextual Escaping Automatically, or How to Stop...adonatwork
 
CONFidence 2018: Who and why should fear hardware trojans? (Adam Kostrzewa)
CONFidence 2018: Who and why should fear hardware trojans? (Adam Kostrzewa)CONFidence 2018: Who and why should fear hardware trojans? (Adam Kostrzewa)
CONFidence 2018: Who and why should fear hardware trojans? (Adam Kostrzewa)PROIDEA
 
Отчет Audit report RAPID7
Отчет Audit report RAPID7 Отчет Audit report RAPID7
Отчет Audit report RAPID7Sergey Yrievich
 
Report PAPID 7
Report PAPID 7Report PAPID 7
Report PAPID 7Sergey Yrievich
 
2010.hari_kannan.phd_thesis.slides.pdf
2010.hari_kannan.phd_thesis.slides.pdf2010.hari_kannan.phd_thesis.slides.pdf
2010.hari_kannan.phd_thesis.slides.pdfAlexKarasulu1
 
20100309 03 - Vulnerability analysis (McCabe)
20100309 03 - Vulnerability analysis (McCabe)20100309 03 - Vulnerability analysis (McCabe)
20100309 03 - Vulnerability analysis (McCabe)LeClubQualiteLogicielle
 
Wireshark Inroduction Li In
Wireshark Inroduction Li InWireshark Inroduction Li In
Wireshark Inroduction Li Inmhaviv
 
ENPM808 Independent Study Final Report - amaster 2019
ENPM808 Independent Study Final Report - amaster 2019ENPM808 Independent Study Final Report - amaster 2019
ENPM808 Independent Study Final Report - amaster 2019Alexander Master
 
Automated prevention of ransomware with machine learning and gpos
Automated prevention of ransomware with machine learning and gposAutomated prevention of ransomware with machine learning and gpos
Automated prevention of ransomware with machine learning and gposPriyanka Aash
 
SPO2-T11_Automated-Prevention-of-Ransomware-with-Machine-Learning-and-GPOs
SPO2-T11_Automated-Prevention-of-Ransomware-with-Machine-Learning-and-GPOsSPO2-T11_Automated-Prevention-of-Ransomware-with-Machine-Learning-and-GPOs
SPO2-T11_Automated-Prevention-of-Ransomware-with-Machine-Learning-and-GPOsRod Soto
 
Tricky sample? Hack it easy! Applying dynamic binary inastrumentation to ligh...
Tricky sample? Hack it easy! Applying dynamic binary inastrumentation to ligh...Tricky sample? Hack it easy! Applying dynamic binary inastrumentation to ligh...
Tricky sample? Hack it easy! Applying dynamic binary inastrumentation to ligh...Maksim Shudrak
 
Pacemaker+DRBD
Pacemaker+DRBDPacemaker+DRBD
Pacemaker+DRBDDan Frincu
 
Monitoring ICS Communications
Monitoring ICS CommunicationsMonitoring ICS Communications
Monitoring ICS CommunicationsDigital Bond
 
Linux binary analysis and exploitation
Linux binary analysis and exploitationLinux binary analysis and exploitation
Linux binary analysis and exploitationDharmalingam Ganesan
 
Big Data for Security - DNS Analytics
Big Data for Security - DNS AnalyticsBig Data for Security - DNS Analytics
Big Data for Security - DNS AnalyticsMarco Casassa Mont
 
Streaming meetup
Streaming meetupStreaming meetup
Streaming meetupkarthik_krk
 
Designing and implementing malicious processors
Designing and implementing malicious processorsDesigning and implementing malicious processors
Designing and implementing malicious processorsNebyueAwoke
 
Ceph Day Shanghai - On the Productization Practice of Ceph
Ceph Day Shanghai - On the Productization Practice of Ceph Ceph Day Shanghai - On the Productization Practice of Ceph
Ceph Day Shanghai - On the Productization Practice of Ceph Ceph Community
 
ASIP (Application-specific instruction-set processor)
ASIP (Application-specific instruction-set processor)ASIP (Application-specific instruction-set processor)
ASIP (Application-specific instruction-set processor)Hamid Reza
 
Procuring the Anomaly Packets and Accountability Detection in the Network
Procuring the Anomaly Packets and Accountability Detection in the NetworkProcuring the Anomaly Packets and Accountability Detection in the Network
Procuring the Anomaly Packets and Accountability Detection in the NetworkIOSR Journals
 
IJCSE Paper
IJCSE PaperIJCSE Paper
IJCSE PaperSowmya Kambhampati
 
Summarizing Software API Usage Examples Using Clustering Techniques
Summarizing Software API Usage Examples Using Clustering TechniquesSummarizing Software API Usage Examples Using Clustering Techniques
Summarizing Software API Usage Examples Using Clustering TechniquesNikos Katirtzis
 
Securing the Data in Big Data Security Analytics by Kevin Bowers, Nikos Trian...
Securing the Data in Big Data Security Analytics by Kevin Bowers, Nikos Trian...Securing the Data in Big Data Security Analytics by Kevin Bowers, Nikos Trian...
Securing the Data in Big Data Security Analytics by Kevin Bowers, Nikos Trian...Information Security Awareness Group
 
Mobile Device Security by Michael Gong, Jake Kreider, Chris Lugo, Kwame Osaf...
Mobile Device Security by Michael Gong, Jake Kreider, Chris Lugo, Kwame Osaf... Mobile Device Security by Michael Gong, Jake Kreider, Chris Lugo, Kwame Osaf...
Mobile Device Security by Michael Gong, Jake Kreider, Chris Lugo, Kwame Osaf...Information Security Awareness Group
 

Weitere ähnliche Inhalte

Ähnlich wie Cache based side_channel_attacks Anestis Bechtsoudis

Отчет Audit report RAPID7
Отчет Audit report RAPID7 Отчет Audit report RAPID7
Отчет Audit report RAPID7Sergey Yrievich
 
2010.hari_kannan.phd_thesis.slides.pdf
2010.hari_kannan.phd_thesis.slides.pdf2010.hari_kannan.phd_thesis.slides.pdf
2010.hari_kannan.phd_thesis.slides.pdfAlexKarasulu1
 
20100309 03 - Vulnerability analysis (McCabe)
20100309 03 - Vulnerability analysis (McCabe)20100309 03 - Vulnerability analysis (McCabe)
20100309 03 - Vulnerability analysis (McCabe)LeClubQualiteLogicielle
 
Wireshark Inroduction Li In
Wireshark Inroduction Li InWireshark Inroduction Li In
Wireshark Inroduction Li Inmhaviv
 
ENPM808 Independent Study Final Report - amaster 2019
ENPM808 Independent Study Final Report - amaster 2019ENPM808 Independent Study Final Report - amaster 2019
ENPM808 Independent Study Final Report - amaster 2019Alexander Master
 
Automated prevention of ransomware with machine learning and gpos
Automated prevention of ransomware with machine learning and gposAutomated prevention of ransomware with machine learning and gpos
Automated prevention of ransomware with machine learning and gposPriyanka Aash
 
SPO2-T11_Automated-Prevention-of-Ransomware-with-Machine-Learning-and-GPOs
SPO2-T11_Automated-Prevention-of-Ransomware-with-Machine-Learning-and-GPOsSPO2-T11_Automated-Prevention-of-Ransomware-with-Machine-Learning-and-GPOs
SPO2-T11_Automated-Prevention-of-Ransomware-with-Machine-Learning-and-GPOsRod Soto
 
Tricky sample? Hack it easy! Applying dynamic binary inastrumentation to ligh...
Tricky sample? Hack it easy! Applying dynamic binary inastrumentation to ligh...Tricky sample? Hack it easy! Applying dynamic binary inastrumentation to ligh...
Tricky sample? Hack it easy! Applying dynamic binary inastrumentation to ligh...Maksim Shudrak
 
Pacemaker+DRBD
Pacemaker+DRBDPacemaker+DRBD
Pacemaker+DRBDDan Frincu
 
Monitoring ICS Communications
Monitoring ICS CommunicationsMonitoring ICS Communications
Monitoring ICS CommunicationsDigital Bond
 
Linux binary analysis and exploitation
Linux binary analysis and exploitationLinux binary analysis and exploitation
Linux binary analysis and exploitationDharmalingam Ganesan
 
Big Data for Security - DNS Analytics
Big Data for Security - DNS AnalyticsBig Data for Security - DNS Analytics
Big Data for Security - DNS AnalyticsMarco Casassa Mont
 
Streaming meetup
Streaming meetupStreaming meetup
Streaming meetupkarthik_krk
 
Designing and implementing malicious processors
Designing and implementing malicious processorsDesigning and implementing malicious processors
Designing and implementing malicious processorsNebyueAwoke
 
Ceph Day Shanghai - On the Productization Practice of Ceph
Ceph Day Shanghai - On the Productization Practice of Ceph Ceph Day Shanghai - On the Productization Practice of Ceph
Ceph Day Shanghai - On the Productization Practice of Ceph Ceph Community
 
ASIP (Application-specific instruction-set processor)
ASIP (Application-specific instruction-set processor)ASIP (Application-specific instruction-set processor)
ASIP (Application-specific instruction-set processor)Hamid Reza
 
Procuring the Anomaly Packets and Accountability Detection in the Network
Procuring the Anomaly Packets and Accountability Detection in the NetworkProcuring the Anomaly Packets and Accountability Detection in the Network
Procuring the Anomaly Packets and Accountability Detection in the NetworkIOSR Journals
 
Summarizing Software API Usage Examples Using Clustering Techniques
Summarizing Software API Usage Examples Using Clustering TechniquesSummarizing Software API Usage Examples Using Clustering Techniques
Summarizing Software API Usage Examples Using Clustering TechniquesNikos Katirtzis
 

Ähnlich wie Cache based side_channel_attacks Anestis Bechtsoudis (20)

Отчет Audit report RAPID7
Отчет Audit report RAPID7 Отчет Audit report RAPID7
Отчет Audit report RAPID7
 
Report PAPID 7
Report PAPID 7Report PAPID 7
Report PAPID 7
 
2010.hari_kannan.phd_thesis.slides.pdf
2010.hari_kannan.phd_thesis.slides.pdf2010.hari_kannan.phd_thesis.slides.pdf
2010.hari_kannan.phd_thesis.slides.pdf
 
20100309 03 - Vulnerability analysis (McCabe)
20100309 03 - Vulnerability analysis (McCabe)20100309 03 - Vulnerability analysis (McCabe)
20100309 03 - Vulnerability analysis (McCabe)
 
Wireshark Inroduction Li In
Wireshark Inroduction Li InWireshark Inroduction Li In
Wireshark Inroduction Li In
 
ENPM808 Independent Study Final Report - amaster 2019
ENPM808 Independent Study Final Report - amaster 2019ENPM808 Independent Study Final Report - amaster 2019
ENPM808 Independent Study Final Report - amaster 2019
 
Automated prevention of ransomware with machine learning and gpos
Automated prevention of ransomware with machine learning and gposAutomated prevention of ransomware with machine learning and gpos
Automated prevention of ransomware with machine learning and gpos
 
SPO2-T11_Automated-Prevention-of-Ransomware-with-Machine-Learning-and-GPOs
SPO2-T11_Automated-Prevention-of-Ransomware-with-Machine-Learning-and-GPOsSPO2-T11_Automated-Prevention-of-Ransomware-with-Machine-Learning-and-GPOs
SPO2-T11_Automated-Prevention-of-Ransomware-with-Machine-Learning-and-GPOs
 
Tricky sample? Hack it easy! Applying dynamic binary inastrumentation to ligh...
Tricky sample? Hack it easy! Applying dynamic binary inastrumentation to ligh...Tricky sample? Hack it easy! Applying dynamic binary inastrumentation to ligh...
Tricky sample? Hack it easy! Applying dynamic binary inastrumentation to ligh...
 
Pacemaker+DRBD
Pacemaker+DRBDPacemaker+DRBD
Pacemaker+DRBD
 
Monitoring ICS Communications
Monitoring ICS CommunicationsMonitoring ICS Communications
Monitoring ICS Communications
 
Linux binary analysis and exploitation
Linux binary analysis and exploitationLinux binary analysis and exploitation
Linux binary analysis and exploitation
 
Big Data for Security - DNS Analytics
Big Data for Security - DNS AnalyticsBig Data for Security - DNS Analytics
Big Data for Security - DNS Analytics
 
Streaming meetup
Streaming meetupStreaming meetup
Streaming meetup
 
Designing and implementing malicious processors
Designing and implementing malicious processorsDesigning and implementing malicious processors
Designing and implementing malicious processors
 
Ceph Day Shanghai - On the Productization Practice of Ceph
Ceph Day Shanghai - On the Productization Practice of Ceph Ceph Day Shanghai - On the Productization Practice of Ceph
Ceph Day Shanghai - On the Productization Practice of Ceph
 
ASIP (Application-specific instruction-set processor)
ASIP (Application-specific instruction-set processor)ASIP (Application-specific instruction-set processor)
ASIP (Application-specific instruction-set processor)
 
Procuring the Anomaly Packets and Accountability Detection in the Network
Procuring the Anomaly Packets and Accountability Detection in the NetworkProcuring the Anomaly Packets and Accountability Detection in the Network
Procuring the Anomaly Packets and Accountability Detection in the Network
 
IJCSE Paper
IJCSE PaperIJCSE Paper
IJCSE Paper
 
Summarizing Software API Usage Examples Using Clustering Techniques
Summarizing Software API Usage Examples Using Clustering TechniquesSummarizing Software API Usage Examples Using Clustering Techniques
Summarizing Software API Usage Examples Using Clustering Techniques
 

Mehr von Information Security Awareness Group

Securing the Data in Big Data Security Analytics by Kevin Bowers, Nikos Trian...
Securing the Data in Big Data Security Analytics by Kevin Bowers, Nikos Trian...Securing the Data in Big Data Security Analytics by Kevin Bowers, Nikos Trian...
Securing the Data in Big Data Security Analytics by Kevin Bowers, Nikos Trian...Information Security Awareness Group
 
Mobile Device Security by Michael Gong, Jake Kreider, Chris Lugo, Kwame Osaf...
Mobile Device Security by Michael Gong, Jake Kreider, Chris Lugo, Kwame Osaf... Mobile Device Security by Michael Gong, Jake Kreider, Chris Lugo, Kwame Osaf...
Mobile Device Security by Michael Gong, Jake Kreider, Chris Lugo, Kwame Osaf...Information Security Awareness Group
 
Mobile Devices – Using Without Losing Mark K. Mellis, Associate Information S...
Mobile Devices – Using Without Losing Mark K. Mellis, Associate Information S...Mobile Devices – Using Without Losing Mark K. Mellis, Associate Information S...
Mobile Devices – Using Without Losing Mark K. Mellis, Associate Information S...Information Security Awareness Group
 
Addressing Big Data Security Challenges: The Right Tools for Smart Protection...
Addressing Big Data Security Challenges: The Right Tools for Smart Protection...Addressing Big Data Security Challenges: The Right Tools for Smart Protection...
Addressing Big Data Security Challenges: The Right Tools for Smart Protection...Information Security Awareness Group
 
Big data analysis concepts and references by Cloud Security Alliance
Big data analysis concepts and references by Cloud Security AllianceBig data analysis concepts and references by Cloud Security Alliance
Big data analysis concepts and references by Cloud Security AllianceInformation Security Awareness Group
 
Authorization Policy in a PKI Environment Mary Thompson Srilekha Mudumbai A...
Authorization Policy in a PKI Environment Mary Thompson Srilekha Mudumbai A... Authorization Policy in a PKI Environment Mary Thompson Srilekha Mudumbai A...
Authorization Policy in a PKI Environment Mary Thompson Srilekha Mudumbai A...Information Security Awareness Group
 
Introduction to distributed security concepts and public key infrastructure m...
Introduction to distributed security concepts and public key infrastructure m...Introduction to distributed security concepts and public key infrastructure m...
Introduction to distributed security concepts and public key infrastructure m...Information Security Awareness Group
 
OThe Open Science Grid: Concepts and Patterns Ruth Pordes, Mine Altunay, Bria...
OThe Open Science Grid: Concepts and Patterns Ruth Pordes, Mine Altunay, Bria...OThe Open Science Grid: Concepts and Patterns Ruth Pordes, Mine Altunay, Bria...
OThe Open Science Grid: Concepts and Patterns Ruth Pordes, Mine Altunay, Bria...Information Security Awareness Group
 
Optimal Security Response to Attacks on Open Science Grids Mine Altunay, Sven...
Optimal Security Response to Attacks on Open Science Grids Mine Altunay, Sven...Optimal Security Response to Attacks on Open Science Grids Mine Altunay, Sven...
Optimal Security Response to Attacks on Open Science Grids Mine Altunay, Sven...Information Security Awareness Group
 

Mehr von Information Security Awareness Group (20)

Securing the Data in Big Data Security Analytics by Kevin Bowers, Nikos Trian...
Securing the Data in Big Data Security Analytics by Kevin Bowers, Nikos Trian...Securing the Data in Big Data Security Analytics by Kevin Bowers, Nikos Trian...
Securing the Data in Big Data Security Analytics by Kevin Bowers, Nikos Trian...
 
Mobile Device Security by Michael Gong, Jake Kreider, Chris Lugo, Kwame Osaf...
Mobile Device Security by Michael Gong, Jake Kreider, Chris Lugo, Kwame Osaf... Mobile Device Security by Michael Gong, Jake Kreider, Chris Lugo, Kwame Osaf...
Mobile Device Security by Michael Gong, Jake Kreider, Chris Lugo, Kwame Osaf...
 
Mobile Devices – Using Without Losing Mark K. Mellis, Associate Information S...
Mobile Devices – Using Without Losing Mark K. Mellis, Associate Information S...Mobile Devices – Using Without Losing Mark K. Mellis, Associate Information S...
Mobile Devices – Using Without Losing Mark K. Mellis, Associate Information S...
 
IBM Security Strategy Intelligence,
IBM Security Strategy Intelligence,IBM Security Strategy Intelligence,
IBM Security Strategy Intelligence,
 
Addressing Big Data Security Challenges: The Right Tools for Smart Protection...
Addressing Big Data Security Challenges: The Right Tools for Smart Protection...Addressing Big Data Security Challenges: The Right Tools for Smart Protection...
Addressing Big Data Security Challenges: The Right Tools for Smart Protection...
 
Big data analysis concepts and references by Cloud Security Alliance
Big data analysis concepts and references by Cloud Security AllianceBig data analysis concepts and references by Cloud Security Alliance
Big data analysis concepts and references by Cloud Security Alliance
 
Big data analysis concepts and references
Big data analysis concepts and referencesBig data analysis concepts and references
Big data analysis concepts and references
 
PKI by Tim Polk
PKI by Tim PolkPKI by Tim Polk
PKI by Tim Polk
 
Authorization Policy in a PKI Environment Mary Thompson Srilekha Mudumbai A...
Authorization Policy in a PKI Environment Mary Thompson Srilekha Mudumbai A... Authorization Policy in a PKI Environment Mary Thompson Srilekha Mudumbai A...
Authorization Policy in a PKI Environment Mary Thompson Srilekha Mudumbai A...
 
Pki by Steve Lamb
Pki by Steve LambPki by Steve Lamb
Pki by Steve Lamb
 
PKI by Gene Itkis
PKI by Gene ItkisPKI by Gene Itkis
PKI by Gene Itkis
 
Introduction to distributed security concepts and public key infrastructure m...
Introduction to distributed security concepts and public key infrastructure m...Introduction to distributed security concepts and public key infrastructure m...
Introduction to distributed security concepts and public key infrastructure m...
 
OThe Open Science Grid: Concepts and Patterns Ruth Pordes, Mine Altunay, Bria...
OThe Open Science Grid: Concepts and Patterns Ruth Pordes, Mine Altunay, Bria...OThe Open Science Grid: Concepts and Patterns Ruth Pordes, Mine Altunay, Bria...
OThe Open Science Grid: Concepts and Patterns Ruth Pordes, Mine Altunay, Bria...
 
Optimal Security Response to Attacks on Open Science Grids Mine Altunay, Sven...
Optimal Security Response to Attacks on Open Science Grids Mine Altunay, Sven...Optimal Security Response to Attacks on Open Science Grids Mine Altunay, Sven...
Optimal Security Response to Attacks on Open Science Grids Mine Altunay, Sven...
 
THE OPEN SCIENCE GRID Ruth Pordes
THE OPEN SCIENCE GRID Ruth PordesTHE OPEN SCIENCE GRID Ruth Pordes
THE OPEN SCIENCE GRID Ruth Pordes
 
Open Science Grid security-atlas-t2 Bob Cowles
Open Science Grid security-atlas-t2 Bob CowlesOpen Science Grid security-atlas-t2 Bob Cowles
Open Science Grid security-atlas-t2 Bob Cowles
 
Security Open Science Grid Doug Olson
Security Open Science Grid Doug OlsonSecurity Open Science Grid Doug Olson
Security Open Science Grid Doug Olson
 
Open Science Group Security Kevin Hill
Open Science Group Security Kevin HillOpen Science Group Security Kevin Hill
Open Science Group Security Kevin Hill
 
Xrootd proxies Andrew Hanushevsky
Xrootd proxies Andrew HanushevskyXrootd proxies Andrew Hanushevsky
Xrootd proxies Andrew Hanushevsky
 
Privilege Project Vikram Andem
Privilege Project Vikram AndemPrivilege Project Vikram Andem
Privilege Project Vikram Andem
 

Kürzlich hochgeladen

Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piececharlottematthew16
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Vector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesVector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesZilliz
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Wonjun Hwang
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfRankYa
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embeddingZilliz
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clashcharlottematthew16
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 

Kürzlich hochgeladen (20)

Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Vector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesVector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector Databases
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdf
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embedding
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 

Cache based side_channel_attacks Anestis Bechtsoudis

  • 1. LOGO New Cache Designs for Thwarting Software Cache-based Side Channel Attacks - Z. Wang & R. B. Lee Anestis Bechtsoudis mpechtsoud@ceid.upatras.gr Patra 2010
  • 2. Cache Based Side Channel Attacks Contents 1 Introduction 2 Threat Model and Attacks 3 Proposed Models 4 Evaluation 5 Conclusions 2 COMPANY LOGO
  • 3. Cache Based Side Channel Attacks 1. Introduction 3 COMPANY LOGO
  • 4. Cache Based Side Channel Attacks Introduction 1/4  Information intensive society – imperative need for security  Design of cryptographic systems to ensure the data protection  Extensive test to cryptosystems over time  Cryptanalysis: the study of techniques to reveal the secret parameters of a security system 4 COMPANY LOGO
  • 5. Cache Based Side Channel Attacks Introduction 2/4  Classical cryptanalysis approach  Weaknesses in the algorithm – mathematical model  Attacks based on: ciphertext-only, known plaintext, chosen plaintext/ciphertext …  Black box approach of the cryptosystem  The cryptographic primitive is actually implemented in hardware  Modern cryptanalysis: attacker knows much more for the device – side channel leakage 5 COMPANY LOGO
  • 6. Cache Based Side Channel Attacks Introduction 3/4 6 COMPANY LOGO
  • 7. Cache Based Side Channel Attacks Introduction 4/4 7 COMPANY LOGO
  • 8. Cache Based Side Channel Attacks 2. Threat Model and Attacks 8 COMPANY LOGO
  • 9. Cache Based Side Channel Attacks Threat Model and Attacks 1/6  Goal of the adversary is to learn information that he has no legitimate access to  Adversary: one or more unprivileged user processes, including remote clients, in the server where the secrets are processed  No physical access to the device  Goal achieved by performing legitimate operations – normal process  Victim and adversary are isolated processes 9 COMPANY LOGO
  • 10. Cache Based Side Channel Attacks Threat Model and Attacks 2/6 Percival’s attack on OpenSSL implementation of RSA algorithm in a SMT CPU  RSA core operation: modulo exponentiation – implemented with a series of ^2 and *  The encryption key is divided into segments  For each *, a multiplier is selected from precomputed constants stored in a LUT  Segment of key is used to index the LUT 10 COMPANY LOGO
  • 11. Cache Based Side Channel Attacks Threat Model and Attacks 3/6  Attacker manages to run simultaneously  Attack process sequentially and repeatedly accesses an array, thus loading data to occupy all cache lines  At the same time he measures the delay for each access to detect cache misses (ex. rdtsc timer in intel x86)  Victim’s cache accesses evict attacker’s data, enabling detection from the attacker 11 COMPANY LOGO
  • 12. Cache Based Side Channel Attacks Threat Model and Attacks 4/6 Cache RAM RSA Attacker  The attacker can identify which table entry is accessed -> the index used -> segment of the key 12 COMPANY LOGO
  • 13. Cache Based Side Channel Attacks Threat Model and Attacks 5/6 Bernstein’s Attack on AES  AES - “Black Box” software module  Give inputs and measure computation time  The execution time is input dependant and can be exploited to recover secret key  Attack consists of three phases: Learning, Attacking and Key Recovery  Statistical correlation analysis 13 COMPANY LOGO
  • 14. Cache Based Side Channel Attacks Threat Model and Attacks 6/6 14 COMPANY LOGO
  • 15. Cache Based Side Channel Attacks 3. Proposed Models 15 COMPANY LOGO
  • 16. Cache Based Side Channel Attacks Proposed Models 1/4  Problem -> Directly or indirectly cache interference  Learn from attacks and rewrite software  Solutions are attack specific and performance degradation (2x, 4x slower)  Authors attempt to eliminate the root cause with minimum impact and low cost  Ideas -> Partitioning - Randomization 16 COMPANY LOGO
  • 17. Cache Based Side Channel Attacks Proposed Models 2/4 Partition-Locked Cache (PLCache) L ID Original Cache Line 17 COMPANY LOGO
  • 18. Cache Based Side Channel Attacks Proposed Models 3/4 Random Permutation Cache (RPCache)  Introduce randomization factor – no useful information about which cache lines evicted  Memory-to-cache mappings 18 COMPANY LOGO
  • 19. Cache Based Side Channel Attacks Proposed Models 4/4 19 COMPANY LOGO
  • 20. Cache Based Side Channel Attacks 4. Evaluation 20 COMPANY LOGO
  • 21. Cache Based Side Channel Attacks Evaluation 1/  OpenSSL 0.9.7a AES implementation  Traditional cache, L1 PLCache and L1 RPCache  5KByte AES protected data  L2 large enough – no performance impact 21 COMPANY LOGO
  • 22. Cache Based Side Channel Attacks Evaluation 1/  PLCache & RPCache implemented in M-Sim v2.0 22 COMPANY LOGO
  • 23. Cache Based Side Channel Attacks 5. Conclusions 23 COMPANY LOGO
  • 24. Cache Based Side Channel Attacks Conclusions  Cache-based side channel attacks can harm general purpose cache based systems  Software solution -> attack specific  Hardware solutions -> general purpose  PLCache: minimal hardware cost – software developer must use different API  RPCache: area & complexity in hardware – no special treatment from software developers 24 COMPANY LOGO