Information flow control allows untrusted code to access sensitive andtrustworthy information without leaking this information. However, the presenceof covert channels subverts this security mechanism, allowing processes to communicate information in violation of IFC policies. In this paper, we show thatconcurrent deterministic IFC systems that use time-based scheduling are vulnerable to a cache-based internal timing channel. We demonstrate this vulnerabilitywith a concrete attack on Hails, one particular IFC web framework. To eliminatethis internal timing channel, we implement instruction-based scheduling, a newkind of scheduler that is indifferent to timing perturbations from underlying hardware components, such as the cache, TLB, and CPU ...
In this paper, we present the first chosen-ciphertext (CC) cache-timing attacks on the reference imp...
International audienceDeployed widely and embedding sensitive data, IoT devices depend on the reliab...
We propose a new language-based approach to mitigating timing channels. In this language, well-typed...
Abstract. Information flow control allows untrusted code to access sensitive and trustworthy informa...
This paper studies and evaluates the extent to which automated compiler techniques can defend agains...
Modern computing systems are becoming increasingly vulnerable to timing channel attacks that leak co...
Abstract. Information-flow control (IFC) is a security mechanism conceived to allow untrusted code t...
Information-flow control (IFC) allows untrusted code to manipulate sensitive data while preserving c...
When software is designed, even with security in mind, assumptions are made about the details of har...
Abstract. Information-flow control (IFC) is a security mechanism con-ceived to allow untrusted code ...
Abstract—Timing Attacks are a type of side channel attacks. In timing attacks, leaking cache timing ...
Embedded computers control an increasing number of systems directly interacting with humans, while a...
Timing side-channels are an identified threat for security critical software. Existing countermeasur...
Theoretically secure cryptographic algorithms can be vulnerable to attacks due to their implementati...
This book deals with timing attacks on software implementations of encryption algorithms. It describ...
In this paper, we present the first chosen-ciphertext (CC) cache-timing attacks on the reference imp...
International audienceDeployed widely and embedding sensitive data, IoT devices depend on the reliab...
We propose a new language-based approach to mitigating timing channels. In this language, well-typed...
Abstract. Information flow control allows untrusted code to access sensitive and trustworthy informa...
This paper studies and evaluates the extent to which automated compiler techniques can defend agains...
Modern computing systems are becoming increasingly vulnerable to timing channel attacks that leak co...
Abstract. Information-flow control (IFC) is a security mechanism conceived to allow untrusted code t...
Information-flow control (IFC) allows untrusted code to manipulate sensitive data while preserving c...
When software is designed, even with security in mind, assumptions are made about the details of har...
Abstract. Information-flow control (IFC) is a security mechanism con-ceived to allow untrusted code ...
Abstract—Timing Attacks are a type of side channel attacks. In timing attacks, leaking cache timing ...
Embedded computers control an increasing number of systems directly interacting with humans, while a...
Timing side-channels are an identified threat for security critical software. Existing countermeasur...
Theoretically secure cryptographic algorithms can be vulnerable to attacks due to their implementati...
This book deals with timing attacks on software implementations of encryption algorithms. It describ...
In this paper, we present the first chosen-ciphertext (CC) cache-timing attacks on the reference imp...
International audienceDeployed widely and embedding sensitive data, IoT devices depend on the reliab...
We propose a new language-based approach to mitigating timing channels. In this language, well-typed...