RT-Sniper: A Low-Overhead Defense Mechanism Pinpointing Cache Side-Channel Attacks

Electronics ◽  
2021 ◽  
Vol 10 (22) ◽  
pp. 2748
Author(s):  
Minkyu Song ◽  
Junyeon Lee ◽  
Taeweon Suh ◽  
Gunjae Koo

Since cache side-channel attacks have been serious security threats to multi-tenant systems, there have been several studies to protect systems against the attacks. However, the prior studies have limitations in determining only the existence of the attack and/or occupying too many computing resources in runtime. We propose a low-overhead pinpointing solution, called RT-Sniper, to overcome such limitations. RT-Sniper employs a two-level filtering mechanism to minimize performance overhead. It first monitors hardware events per core and isolates a suspected core to run a malicious process. Then among the processes running on the selected core, RT-Sniper pinpoints a malicious process through a per-process monitoring approach. With the core-level filtering, RT-Sniper has an advantage in overhead compared to the previous works. We evaluate RT-Sniper against Flush+Reload and Prime+Probe attacks running SPEC2017, LMBench, and PARSEC benchmarks on multi-core systems. Our evaluation demonstrates that the performance overhead by RT-Sniper is negligible (0.3% for single-threaded applications and 2.05% for multi-threaded applications). Compared to the previous defense solutions against cache side-channel attacks, RT-Sniper exhibits better detection performance with lower performance overhead.

2013 ◽  
Vol 392 ◽  
pp. 862-866
Author(s):  
Mu Han ◽  
Jia Zhao ◽  
Shi Dian Ma

As one of the core algorithms in most public key cryptography, modular exponentiation has a flaw in its efficiency, and often uses Montgomery's algorithm to realize the fast operation. But Montgomery's algorithm has the issue of side channel leakage from the final conditional subtraction. Aiming at this problem, this paper presents an improved fast Montgomery window algorithm. The new algorithm generates the remainder table with odd power to reduce the amount of pre-computation, and combines with the improved Montgomery's algorithm to realize modular exponentiation, which can accelerate the speed and reduce the side channel leakage. The new algorithm can not only thwart side channel attacks, but also improve the efficiency.


2020 ◽  
Vol 14 (2) ◽  
pp. 1810-1819
Author(s):  
Satyanarayana Vuppala ◽  
Alie El-Din Mady ◽  
Adam Kuenzi

Author(s):  
Alejandro Cabrera Aldaya ◽  
Billy Bob Brumley

Microarchitecture-based side-channel attacks are common threats nowadays. Intel SGX technology provides strong isolation from an adversarial OS; however, it does not guarantee protection against side-channel attacks. In this paper, we analyze the security of the mbedTLS binary GCD algorithm, an implementation that offers interesting challenges when compared, for example, with OpenSSL, due to the usage of very tight loops in the former. Using practical experiments, we demonstrate the mbedTLS binary GCD implementation is vulnerable to side-channel analysis using the SGX-Step framework against mbedTLS based SGX enclaves. We analyze the security of some use cases of this algorithm in this library, resulting in the discovery of a new vulnerability in the ECDSA code path that allows a single-trace attack against this implementation. This vulnerability is three-fold interesting: It resides in the implementation of a countermeasure which makes it more dangerous due to the false state of security the countermeasure currently offers. It reduces mbedTLS ECDSA security to an integer factorization problem. An unexpected GCD call inside the ECDSA code path compromises the countermeasure. We also cover an orthogonal use case, this time inside the mbedTLS RSA code path during the computation of a CRT parameter when loading a private key. The attack also exploits the binary GCD implementation threat, showing how a single vulnerable primitive leads to multiple vulnerabilities. We demonstrate both security threats with end-to-end attacks using 1000 trials each, showing in both cases single-trace attacks can be achieved with success rates very close to 100%.


Author(s):  
Reza Montasari ◽  
Amin Hosseinian-Far ◽  
Richard Hill ◽  
Farshad Montaseri ◽  
Mak Sharma ◽  
...  

This article describes how there exist various vulnerabilities in computing hardware that adversaries can exploit to mount attacks against the users of such hardware. Microarchitectural attacks, the result of these vulnerabilities, take advantage of microarchitectural performance of processor implementations, revealing hidden computing process. Leveraging microarchitectural resources, adversaries can potentially launch timing-based side-channel attacks in order to leak information via timing. In view of these security threats against computing hardware, the authors analyse current attacks that take advantage of microarchitectural elements in shared computing hardware. This analysis focuses only on timing-based side-channel attacks against the components of modern PC platforms - with references being made also to other platforms when relevant - as opposed to any other variations of side-channel attacks which have a broad application range. To this end, the authors analyse timing attacks performed against processor and cache components, again with references to other components when appropriate.


Author(s):  
Nelson Prates ◽  
Andressa Vergutz ◽  
Ricardo T. Macedo ◽  
Aldri Santos ◽  
Michele Nogueira

2009 ◽  
Vol 19 (11) ◽  
pp. 2990-2998 ◽  
Author(s):  
Tao ZHANG ◽  
Ming-Yu FAN

Author(s):  
Yuancheng Li ◽  
Pan Zhang ◽  
Daoxing Li ◽  
Jing Zeng

Background: Cloud platforms are widely used in the electric power field. Virtual machine co-resident attack is one of the major security threats to the existing power cloud platform. Objective: This paper proposes a mechanism to defend against virtual machine co-resident attack on power cloud platform. Method: Our defense mechanism uses the DBSCAN algorithm to classify and output the classification results through the random forest and uses an improved virtual machine deployment strategy which combines the advantages of random round robin strategy and maximum/minimum resource strategy to deploy virtual machines. Results: We made a simulation experiment on the power cloud platform of State Grid and verified the effectiveness of the proposed defense deployment strategy. Conclusion: After the virtual machine deployment strategy is improved, the coverage of the virtual machine is remarkably reduced, which proves that our defense mechanism achieves some effect of defending the virtual machine from virtual machine co-resident attack.

