The microarchitectural behavior of modern CPUs is mostly hidden from developers and users of computer software. Due to a plethora of attacks exploiting microarchitectural behavior, developers of security-critical software must, e.g., ensure their code is constant-time, which is cumbersome and usually results in slower programs. In practice, small leakages which are deemed not exploitable still remain in the codebase. For example, sub-cache-line leakages have previously been investigated in the CacheBleed and MemJam attacks, which are deemed impractical on modern platforms.In this work, we revisit and carefully analyze the 4k-aliasing effect and discover that the measurable delay introduced by this microarchitectural effect is higher than fo...
International audienceIn modern computer systems, user processes are isolated from each other by the...
International audienceTiming-based side-channels play an important role in exposing the state of a p...
© 2018 Copyright held by the owner/author(s). Recent research on transient execution vulnerabilities...
In modern computing environments, hardware resources are commonly shared, and parallel computation i...
During the last decade, constant-time cryptographic software has quickly transitioned from an academ...
The CPU cache is a hardware element that leaks significant information about the software running on...
Today, nearly all modern devices, including smartphones, PCs, and cloud servers, benefit significant...
CPU vulnerabilities undermine the security guarantees provided by software- and hardware-security im...
In this paper we present two attacks that exploit cache events, which are visible in some side chann...
Software implementations of block ciphers are widely used to perform critical operations such as dis...
Caches pose a significant challenge to formal proofs of security for code executing on application p...
The CPU cache is a hardware element that leaks significant information about the software running on...
In modern computing environments, hardware resources are commonly shared, and parallel computation i...
The report describes the development of several software side-channel attacks which exploit cache v...
Software cache-based side channel attacks are a serious new class of threats for computers. Unlike p...
International audienceIn modern computer systems, user processes are isolated from each other by the...
International audienceTiming-based side-channels play an important role in exposing the state of a p...
© 2018 Copyright held by the owner/author(s). Recent research on transient execution vulnerabilities...
In modern computing environments, hardware resources are commonly shared, and parallel computation i...
During the last decade, constant-time cryptographic software has quickly transitioned from an academ...
The CPU cache is a hardware element that leaks significant information about the software running on...
Today, nearly all modern devices, including smartphones, PCs, and cloud servers, benefit significant...
CPU vulnerabilities undermine the security guarantees provided by software- and hardware-security im...
In this paper we present two attacks that exploit cache events, which are visible in some side chann...
Software implementations of block ciphers are widely used to perform critical operations such as dis...
Caches pose a significant challenge to formal proofs of security for code executing on application p...
The CPU cache is a hardware element that leaks significant information about the software running on...
In modern computing environments, hardware resources are commonly shared, and parallel computation i...
The report describes the development of several software side-channel attacks which exploit cache v...
Software cache-based side channel attacks are a serious new class of threats for computers. Unlike p...
International audienceIn modern computer systems, user processes are isolated from each other by the...
International audienceTiming-based side-channels play an important role in exposing the state of a p...
© 2018 Copyright held by the owner/author(s). Recent research on transient execution vulnerabilities...