This paper proposes the first cache timing side-channel attack on one of Apple’s mobile devices. Utilizing a recent, permanent exploit named checkm8, we reverse-engineered Apple’s BootROM and created a powerful toolkit for running arbitrary hardware security experiments on Apple’s in-house designed ARM systems-on-a-chip (SoC). Using this toolkit, we then implement an access-driven cache timing attack (in the style of PRIME+PROBE) as a proof-of-concept illustrator. The advanced hardware control enabled by our toolkit allowed us to reverse-engineer key microarchitectural details of the Apple A10 Fusion’s memory hierarchy. We find that the SoC employs a randomized cache-line replacement policy as well as a hardware-based L1 prefetcher. We pro...
In recent years, smartphones have become an increasingly important storage facility for personal sen...
This paper presents a run-time detection mechanism for access-driven cache-bas...
The report describes the development of several software side-channel attacks which exploit cache v...
Since the disclosure of Spectre, extensive research has been conducted on both new attacks, attack v...
The ARM TrustZone is a security extension which is used in recent Samsung flagship smartphones to cr...
Remote side-channel attacks on processors exploit hardware and micro-architectural effects observabl...
Cache attacks are known to be sophisticated attacks against cryptographic implementations on desktop...
Systems-on-Chips (SoCs) are one of the key enabling technologies for the Internet-of-Things (IoT). G...
In modern computing environments, hardware resources are commonly shared, and parallel computation i...
Software cache-based side channel attacks are a serious new class of threats for computers. Unlike p...
Power side-channel attacks exploit variations in power consumption to extract secrets from a device,...
Android smartphones collect and compile a huge amount of sensitive information which is secured usin...
In this paper we present two attacks that exploit cache events, which are visible in some side chann...
As Moore's law continues to reduce the cost of computation at an exponential rate, embedded computin...
Side-channel attacks have been exploiting weaknesses of cryptographic primitives as soon as they beg...