Side-Channel Attacks on Cryptographic Software

Cited by: 34
Author: Lawson, Nate
Affiliation: [1] Root Labs
Keywords: Advanced Encryption Standard; AES; Branch prediction logic; CPU cache; Crypto corner; Cryptography; Hash Message Authentication Code; HMAC; Multicore; RSA; Side channel attack; Timing attack;
DOI: 10.1109/MSP.2009.165
Chinese Library Classification: TP [Automation technology, computer technology];
Discipline code: 0812;
Abstract
When it comes to cryptographic software, side channels are an often-overlooked threat. A side channel is any observable side effect of computation that an attacker could measure and possibly influence. In the software world, side-channel attacks have sometimes been dismissed as impractical. However, new system architecture features, such as larger cache sizes and multicore processors, have increased the prevalence of side channels and quality of measurement available to an attacker. This article explains three recent side-channel attacks on cryptographic software, exploiting a comparison function, CPU cache timing, and branch prediction logic to recover a secret key. Software developers must be aware of the potential for side-channel attacks and plan appropriately. © 2009 IEEE.
Pages: 65 - 68
Page count: 4
Related papers (50 in total)
  • [1] Aiding side-channel attacks on cryptographic software with satisfiability-based analysis
    Potlapally, Nachiketh R.
    Raghunathan, Anand
    Ravi, Srivaths
    Jha, Niraj K.
    Lee, Ruby B.
    [J]. IEEE TRANSACTIONS ON VERY LARGE SCALE INTEGRATION (VLSI) SYSTEMS, 2007, 15 (04) : 465 - 470
  • [2] Satisfiability-based framework for enabling side-channel attacks on cryptographic software
    Potlapally, Nachiketh R.
    Raghunathan, Anand
    Ravi, Srivaths
    Jha, Niraj K.
    Lee, Ruby B.
    [J]. 2006 DESIGN AUTOMATION AND TEST IN EUROPE, VOLS 1-3, PROCEEDINGS, 2006, : 1353 - +
  • [3] Countermeasure for cryptographic chips to resist side-channel attacks
    Zhang, Tao
    Fan, Ming-Yu
    [J]. Ruan Jian Xue Bao/Journal of Software, 2008, 19 (11) : 2990 - 2998
  • [4] Towards Secure Cryptographic Software Implementation Against Side-Channel Power Analysis Attacks
    Luo, Pei
    Zhang, Liwei
    Fei, Yunsi
    Ding, A. Adam
    [J]. PROCEEDINGS OF THE ASAP2015 2015 IEEE 26TH INTERNATIONAL CONFERENCE ON APPLICATION-SPECIFIC SYSTEMS, ARCHITECTURES AND PROCESSORS, 2015, : 144 - 148
  • [5] A Compact Probe for EM Side-Channel Attacks on Cryptographic Systems
    Werner, Frank T.
    Djordjevic, Antonije R.
    Zajic, Alenka G.
    [J]. 2019 IEEE INTERNATIONAL SYMPOSIUM ON ANTENNAS AND PROPAGATION AND USNC-URSI RADIO SCIENCE MEETING, 2019, : 613 - 614
  • [6] Compiler-Based Techniques to Secure Cryptographic Embedded Software Against Side-Channel Attacks
    Agosta, Giovanni
    Barenghi, Alessandro
    Pelosi, Gerardo
    [J]. IEEE TRANSACTIONS ON COMPUTER-AIDED DESIGN OF INTEGRATED CIRCUITS AND SYSTEMS, 2020, 39 (08) : 1550 - 1554
  • [7] Side-channel cryptographic attacks using pseudo-boolean optimization
    Oren, Yossef
    Wool, Avishai
    [J]. CONSTRAINTS, 2016, 21 (04) : 616 - 645
  • [8] Automated design of cryptographic devices resistant to multiple side-channel attacks
    Kulikowski, Konrad
    Smirnov, Alexander
    Taubin, Alexander
    [J]. CRYPTOGRAPHIC HARDWARE AND EMBEDDED SYSTEMS - CHES 2006, PROCEEDINGS, 2006, 4249 : 399 - 413
  • [9] Cipherfix: Mitigating Ciphertext Side-Channel Attacks in Software
    Wichelmann, Jan
    Paetschke, Anna
    Wilke, Luca
    Eisenbarth, Thomas
    [J]. PROCEEDINGS OF THE 32ND USENIX SECURITY SYMPOSIUM, 2023, : 6789 - 6806