JackHammer: Efficient Rowhammer on Heterogeneous FPGA-CPU Platforms

After years of development, FPGAs are finally making an appearance on multi-tenant cloud servers. Heterogeneous FPGA-CPU microarchitectures require reassessment of common assumptions about isolation and security boundaries, as they introduce new attack vectors and vulnerabilities. In this work, we analyze the memory and cache subsystem and study Rowhammer and cache attacks enabled by two proposed heterogeneous FPGA-CPU platforms from Intel: the Arria 10 GX with an integrated FPGA-CPU platform, and the Arria 10 GX PAC expansion card which connects the FPGA to the CPU via the PCIe interface. We demonstrate JackHammer, a novel, efficient, and stealthy Rowhammer from the FPGA to the host’s main memory. Our results indicate that a malicious FPGA can perform twice as fast as a typical Rowhammer from the CPU on the same system and causes around four times as many bit flips as the CPU attack. We demonstrate the efficacy of JackHammer from the FPGA through a realistic fault attack on the WolfSSL RSA signing implementation that reliably causes a fault after an average of fifty-eight RSA signatures, 25% faster than a CPU Rowhammer. In some scenarios our JackHammer attack produces faulty signatures more than three times more often and almost three times faster than a conventional CPU Rowhammer. Finally, we systematically analyze new cache attacks in these environments following demonstration of a cache covert channel across FPGA and CPU.

Download Full-text

Control Cloud Data Access Privilge Anonymity with Attributed Based Encryption

International Journal of Advanced Research in Computer Science and Software Engineering ◽

10.23956/ijarcsse.v7i8.68 ◽

2017 ◽

Vol 7 (8) ◽

pp. 279

Author(s):

P. Sudheer ◽

T. Lakshmi Surekha

Keyword(s):

Data Privacy ◽

Low Cost ◽

Data Access ◽

Privacy Concerns ◽

Cloud Data ◽

Computing Paradigm ◽

Attribute Based Encryption ◽

Data Content ◽

Identity Privacy ◽

Cloud Servers

Cloud computing is a revolutionary computing paradigm, which enables flexible, on-demand, and low-cost usage of computing resources, but the data is outsourced to some cloud servers, and various privacy concerns emerge from it. Various schemes based on the attribute-based encryption have been to secure the cloud storage. Data content privacy. A semi anonymous privilege control scheme AnonyControl to address not only the data privacy. But also the user identity privacy. AnonyControl decentralizes the central authority to limit the identity leakage and thus achieves semi anonymity. The Anonymity –F which fully prevent the identity leakage and achieve the full anonymity.

Download Full-text

AgiMonitor: a remote database monitoring tool for main memory database

Future Information Engineering ◽

10.2495/icie130752 ◽

2014 ◽

Author(s):

Huazhuang Yao ◽

Yongyan Wang ◽

Shuai Wang ◽

Kun Li ◽

Chao Guo

Keyword(s):

Main Memory ◽

Monitoring Tool ◽

Main Memory Database

Download Full-text

A Scheme for Protecting Confidentiality of No-volatile Main Memory Based on Phase-Change Memory

Chinese Journal of Computers ◽

10.3724/sp.j.1016.2011.02114 ◽

2011 ◽

Vol 34 (11) ◽

pp. 2114-2120 ◽

Cited By ~ 1

Author(s):

Peng ZHAO ◽

Long-Yun ZHU

Keyword(s):

Phase Change ◽

Phase Change Memory ◽

Main Memory ◽

Change Memory

Download Full-text

Covert channel detection in ICMP payload based on information entropy SVM

Journal of Computer Applications ◽

10.3724/sp.j.1087.2009.01796 ◽

2009 ◽

Vol 29 (7) ◽

pp. 1796-1798

Author(s):

Xiao-dong XU ◽

Chuan-an WANG ◽

Shi-rui ZHU

Keyword(s):

Information Entropy ◽

Covert Channel ◽

Channel Detection ◽

Covert Channel Detection

Download Full-text

A Guide to Understanding Covert Channel Analysis of Trusted Systems

10.21236/ada477386 ◽

1993 ◽

Author(s):

GREATER SAN ANTONIO HOSPITAL COUNCIL TX

Keyword(s):

Covert Channel ◽

Channel Analysis

Download Full-text

Comparative Study of Cryptography for Cloud Computing for Data Security

Recent Advances in Computer Science and Communications ◽

10.2174/2666255813666190911114909 ◽

2019 ◽

Vol 13 ◽

Author(s):

Priya Mathur ◽

Amit Kumar Gupta ◽

Prateek Vashishtha

Keyword(s):

Cloud Computing ◽

Data Security ◽

Elliptic Curve Cryptography ◽

Plain Text ◽

Hybrid Encryption ◽

Cipher Text ◽

Business Applications ◽

Computing Grid ◽

Cloud Servers ◽

Client Side

Cloud computing is an emerging technique by which anyone can access the applications as utilities over the internet. Cloud computing is the technology which comprises of all the characteristics of the technologies like distributed computing, grid computing, and ubiquitous computing. Cloud computing allows everyone to create, to configure as well as to customize the business applications online. Cryptography is the technique which is use to convert the plain text into cipher text using various encryption techniques. The art and science used to introduce the secrecy in the information security in order to secure the messages is defined as cryptography. In this paper we are going to review few latest Cryptographic algorithms which are used to enhance the security of the data on the cloud servers. We are comparing Short Range Natural Number Modified RSA (SRNN), Elliptic Curve Cryptography Algorithm, Client Side Encryption Technique and Hybrid Encryption Technique to secure the data in cloud.

Download Full-text

Traffic Normalization for Covert Channel Protecting

2021 IEEE Conference of Russian Young Researchers in Electrical and Electronic Engineering (ElConRus) ◽

10.1109/elconrus51938.2021.9396163 ◽

2021 ◽

Author(s):

Daria Frolova ◽

Konstsntin Kogos ◽

Anna Epishkina

Keyword(s):

Covert Channel

Download Full-text

Distributed data hiding in multi-cloud storage environment

Journal of Cloud Computing Advances Systems and Applications ◽

10.1186/s13677-020-00208-4 ◽

2020 ◽

Vol 9 (1) ◽

Author(s):

Leonel Moyou Metcheka ◽

René Ndoundam

Keyword(s):

Cloud Storage ◽

Network Protocols ◽

Secret Message ◽

Covert Channel ◽

Distributed Data ◽

Comparison Results ◽

Major Interest ◽

Cloud Storage Environment ◽

Audio Video ◽

Multi Cloud

AbstractClassical or traditional steganography aims at hiding a secret in cover media such as text, image, audio, video or even in network protocols. Recent research has improved this approach called distributed steganography by fragmenting the secret message and embedding each secret piece into a distinct cover media. The major interest of this approach is to make the secret message detection extremely difficult. However, these file modifications leave fingerprints which can reveal a secret channel to an attacker. Our contribution is a new steganography paradigm transparent to any attacker and resistant to the detection and the secret extraction. Two properties contribute to achieve these goals: the files do not undergo any modification while the distribution of the secret in the multi-cloud storage environment allows us to hide the existence of the covert channel between the communicating parties. Information’s are usually hidden inside the cover media. In this work, the covert media is a pointer to information. Therefore the file carries the information without being modified and the only way to access it is to have the key. Experiments show interesting comparison results with remarkable security contributions. The work can be seen as a new open direction for further research in the field.

Download Full-text