abstract: Modern computer processors contain an embedded firmware known as microcode that controls decode and execution of x86 instructions. Although proprietary and relatively obscure, this microcode can be modified using updates released by hardware manufacturers to correct processor logic flaws (errata). At the same time, a malicious microcode update could compromise a processor by implementing new malicious instructions or altering the functionality of existing instructions, including processor-accelerated virtualization or cryptographic primitives. Not only is this attack vector capable of subverting all software-enforced security policies and access controls, but it also leaves behind no postmortem forensic evidence since the write-on...
Micro-architectural analysis (MA) is a fast evolving area of side-channel cryptanalysis. This new ar...
Low-level exploitation is an ongoing security issue. History has shown multiple methods to gain cont...
Part 6: Software Security. International audience. Recently, code-reuse attack (CRA) is becoming the mos...
Today's microprocessors often rely on microcode updates to address issues such as security or fun...
Recent developments on hardware-based trusted execution environments, such as the Software Guard Ext...
The pursuit of secure computation has always featured a tension between performance and security. Se...
To achieve ever-higher performances, architectural optimization mechanisms have been embedded in hig...
Shared microarchitectural state is a target for side-channel attacks that leverage timing measuremen...
Microprocessors such as those found in PCs and smartphones are complex in their design and nature. I...
Side-channel attacks have become a severe threat to the confidentiality of computer applications and...
This paper exposes some weaknesses of encrypted embedded memory in secure chips. Smartcards and secu...
Most of today's widely used operating systems are based on a monolithic design and have a very large...
Over the past decades, the major objectives of computer design have been to improve performance and ...
The continuous quest for performance pushed processors to incorporate elements such as multiple core...
Cyber-Physical system devices nowadays constitute a mixture of Information Technology (IT) and Opera...