During the last decade, constant-time cryptographic software has quickly transitioned from an academic construct to a concrete security requirement for real-world libraries. Most of OpenSSL’s constant-time code paths are driven by cryptosystem implementations enabling a dedicated flag at runtime. This process is perilous, with several examples emerging in the past few years of the flag either not being set or software defects directly mishandling the flag. In this work, we propose a methodology to analyze security-critical software for side-channel insecure code path traversal. Applying our methodology to OpenSSL, we identify three new code paths during RSA key generation that potentially leak critical algorithm state. Exploiting one of the...
Microarchitecture based side-channel attacks are common threats nowadays. Intel SGX technology provi...
Side-channel information is any type of information leaked through unexpected channels due to physic...
Software implementations of block ciphers are widely used to perform critical operations such as dis...
During the last decade, constant-time cryptographic software has quickly transitioned from an academ...
Abstract. The previous I-cache timing attacks on RSA which exploit the in-struction path of a cipher...
Lecture Notes in Computer Science, vol. 9813The scatter-gather technique is a commonly implemented a...
MicroArchitectural Analysis (MA) techniques, more specifically Simple Branch Prediction Analysis (SB...
TLS and SSH are two of the most commonly used protocols for securing Internet traffic. Many of the i...
International audienceTiming-based side-channels play an important role in exposing the state of a p...
TLS and SSH are two of the most commonly used protocols for securing Internet traffic. Many of the i...
TLS and SSH are two of the most commonly used proto- cols for securing Internet traffic. Many of the...
Abstract. We improve instruction cache data analysis techniques with a framework based on vector qua...
As side-channel attacks reached general purpose PCs and started to be more practical for attackers t...
International audienceDeployed widely and embedding sensitive data, IoT devices depend on the reliab...
Abstract. Recently, Acıiçmez, Koç, and Seifert have introduced new side-channel analysis types, name...
Microarchitecture based side-channel attacks are common threats nowadays. Intel SGX technology provi...
Side-channel information is any type of information leaked through unexpected channels due to physic...
Software implementations of block ciphers are widely used to perform critical operations such as dis...
During the last decade, constant-time cryptographic software has quickly transitioned from an academ...
Abstract. The previous I-cache timing attacks on RSA which exploit the in-struction path of a cipher...
Lecture Notes in Computer Science, vol. 9813The scatter-gather technique is a commonly implemented a...
MicroArchitectural Analysis (MA) techniques, more specifically Simple Branch Prediction Analysis (SB...
TLS and SSH are two of the most commonly used protocols for securing Internet traffic. Many of the i...
International audienceTiming-based side-channels play an important role in exposing the state of a p...
TLS and SSH are two of the most commonly used protocols for securing Internet traffic. Many of the i...
TLS and SSH are two of the most commonly used proto- cols for securing Internet traffic. Many of the...
Abstract. We improve instruction cache data analysis techniques with a framework based on vector qua...
As side-channel attacks reached general purpose PCs and started to be more practical for attackers t...
International audienceDeployed widely and embedding sensitive data, IoT devices depend on the reliab...
Abstract. Recently, Acıiçmez, Koç, and Seifert have introduced new side-channel analysis types, name...
Microarchitecture based side-channel attacks are common threats nowadays. Intel SGX technology provi...
Side-channel information is any type of information leaked through unexpected channels due to physic...
Software implementations of block ciphers are widely used to perform critical operations such as dis...