The transient-execution attack Meltdown leaks sensitive information by transiently accessing inaccessible data during out-of-order execution. Although Meltdown is fixed in hardware for recent CPU generations, most currently-deployed CPUs have to rely on software mitigations, such as KPTI. Still, Meltdown is considered non-exploitable on current systems. In this paper, we show that adding another layer of indirection to Meltdown transforms a transient-execution attack into a side-channel attack, leaking metadata instead of data. We show that despite software mitigations, attackers can still leak metadata from other security domains by observing the success rate of Meltdown on non-secret data. With LeakIDT, we present the first cache-line ...
Interference between processes executing on shared hardware can be used to mount performance-degrada...
Run-time attacks have plagued computer systems for more than three decades, with control-flow hijack...
Software implementations of block ciphers are widely used to perform critical operations such as dis...
Today, nearly all modern devices, including smartphones, PCs, and cloud servers, benefit significant...
In this work, we present a runtime approach, called MeltdownDetector, for detecting, isolating, and ...
Recent developments on hardware-based trusted execution environments, such as the Software Guard Ext...
International audienceDeployed widely and embedding sensitive data, IoT devices depend on the reliab...
Security and trustworthiness are key considerations in designing modern processor hardware. It has b...
© 2018 Copyright held by the owner/author(s). Recent research on transient execution vulnerabilities...
Since the initial discovery of Meltdown and Spectre in 2017, different variants of these attacks hav...
Since the discovery of the Spectre and Meltdown vulnerabilities, transient execution attacks have in...
Recent transient execution attacks have demonstrated that attackers may leak sensitive information a...
Besides cryptographic secrets, software-based side-channel attacks also leak sensitive user input. T...
In this work, we first present a low-cost, anomaly-based semi-supervised approach, which is instrume...
Over the last decades the digitalization has become an integral part of daily life. Computer systems...
Interference between processes executing on shared hardware can be used to mount performance-degrada...
Run-time attacks have plagued computer systems for more than three decades, with control-flow hijack...
Software implementations of block ciphers are widely used to perform critical operations such as dis...
Today, nearly all modern devices, including smartphones, PCs, and cloud servers, benefit significant...
In this work, we present a runtime approach, called MeltdownDetector, for detecting, isolating, and ...
Recent developments on hardware-based trusted execution environments, such as the Software Guard Ext...
International audienceDeployed widely and embedding sensitive data, IoT devices depend on the reliab...
Security and trustworthiness are key considerations in designing modern processor hardware. It has b...
© 2018 Copyright held by the owner/author(s). Recent research on transient execution vulnerabilities...
Since the initial discovery of Meltdown and Spectre in 2017, different variants of these attacks hav...
Since the discovery of the Spectre and Meltdown vulnerabilities, transient execution attacks have in...
Recent transient execution attacks have demonstrated that attackers may leak sensitive information a...
Besides cryptographic secrets, software-based side-channel attacks also leak sensitive user input. T...
In this work, we first present a low-cost, anomaly-based semi-supervised approach, which is instrume...
Over the last decades the digitalization has become an integral part of daily life. Computer systems...
Interference between processes executing on shared hardware can be used to mount performance-degrada...
Run-time attacks have plagued computer systems for more than three decades, with control-flow hijack...
Software implementations of block ciphers are widely used to perform critical operations such as dis...