A vulnerability in rsa implementations due to instruction cache analysis and its demonstration on openssl, CT-RSA 2008, 2008. ,
Amplifying Side Channels Through Performance Degradation, 2015. ,
Reduce mbed TLS memory and storage footprint, Intel Software Guard Extensions (Intel SGX), 2015. ,
Timing attack against protected rsa-crt implementation used in polarssl, CT-RSA 2013, 2013. ,
URL : https://hal.archives-ouvertes.fr/hal-01094300
Scone: Secure linux containers with intel sgx, 12th USENIX Symposium on Operating Systems Design and Implementation (OSDI 16, 2016. ,
SGX Secure Enclaves in Practice: Security and Crypto Review, Black Hat, 2016. ,
Transitions: Recommendation for transitioning the use of cryptographic algorithms and key lengths, 2015. ,
Shielding applications from an untrusted cloud with haven, ACM Trans Comput Syst, 2015. ,
A survey on heuristic malware detection techniques, The 5th Conference on Information and Knowledge Technology, 2013. ,
ooh aah... just a little bit": A small amount of side channel can go a long way, CHES'14, 2014. ,
Cache-timing attacks on AES, 2005. ,
A fast new des implementation in software, International Workshop on Fast Software Encryption. pp 260-272, 1997. ,
New partial key exposure attacks on rsa, Crypto'03, 2003. ,
An attack on rsa given a small fraction of the private key bits, International Conference on the Theory and Application of Cryptology and Information Security, 1998. ,
Software grand exposure: SGX cache attacks are practical, 2017. ,
Real time detection of cache-based side-channel attacks using Hardware Performance Counters. Cryptol ePrint Archive, 1034. ,
Intel sgx explained, p.86, 2016. ,
Z3: An efficient smt solver, International Conference on Tools and Algorithms for the Construction and Analysis of Systems, 2008. ,
On the feasibility of online malware detection with performance counters, ACM SIGARCH Comput Archit News, vol.41, issue.3, pp.559-570, 2013. ,
, Amazon Web Services -Docker, 2016.
An updated performance comparison of virtual machines and linux containers, 2015 IEEE International Symposium On Performance Analysis of Systems and Software (ISPASS), 2015. ,
The Microarchitecture of Intel, AMD and VIA CPUs: An Optimization Guide for Assembly Programmers and Compiler makers, vol.16, 2016. ,
A survey of microarchitectural timing attacks and countermeasures on contemporary hardware, 2016. ,
Preventing cache-based side-channel attacks in a cloud environment, IEEE Trans Cloud Comput, 2014. ,
Cache attacks on intel sgx, 2017. ,
Rowhammer.js: A Remote Software-Induced Fault Attack in JavaScript, DIMVA'16, 2016. ,
URL : https://hal.archives-ouvertes.fr/hal-01872588
Flush+Flush: A Fast and Stealthy Cache Attack, DIMVA'16, 2016. ,
Cache Template Attacks: Automating Attacks on Inclusive Last-Level Caches, USENIX Security Symposium, 2015. ,
Cache Games -Bringing Access-Based Cache Attacks on AES to Practice, S&P'11, 2011. ,
A Faster and More Realistic Flush+Reload Attack on AES, Constructive Side-Channel Analysis and Secure Design (COSADE, 2015. ,
Lest we remember: cold-boot attacks on encryption keys, Commun ACM, 2009. ,
Reconstructing RSA Private Keys from Random Key Bits, 2009. ,
These are Not Your Grand Daddys CPU Performance Counters -CPU Hardware Performance Counters for Security, Black Hat, 2015. ,
Reducing timing channels with fuzzy time, J Comput Secur, 1992. ,
Practical Timing Side Channel Attacks against Kernel Space ASLR, S&P'13, 2013. ,
Seriously, get off my cloud! cross-vm rsa key recovery in a public cloud, Cryptology ePrint Archive, vol.898, 2015. ,
Cache attacks enable bulk key recovery on the cloud, CHES'16, 2016. ,
Intel 64 and IA-32 Architectures Software Developer's Manual, vol.3, 2014. ,
Software Guard Extensions SDK for, Intel Corporation (2016a) Intel Software Guard Extensions (Intel SGX, vol.1, 2016. ,
, Intel Corporation (2016b) Hardening Password Managers with Intel Software Guard Extensions: White Paper
, Intel Corporation (2016c) kvm-sgx wiki, 2016.
, Intel(R) Software Guard Extensions for Linux* OS, Intel Corporation, vol.11, 2016.
, Pre-release what's the difference?, Intel Corporation (2016) Intel SGX: Debug, Production, vol.24, 2016.
Intel 64 and IA-32 Architectures Optimization Reference Manual, 2014. ,
S$A: A Shared Cache Attack that Works Across Cores and Defies VM Sandboxing -and its Application to AES, S&P'15, 2015. ,
Cross processor cache attacks, Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security (AsiaCCS'16, 2016. ,
Wait a minute! A fast, Cross-VM attack on AES, RAID'14, 2014. ,
Know thy neighbor: Crypto library detection in cloud, Proc Priv Enhancing Technol, vol.1, issue.1, pp.25-40, 2015. ,
Faster and timing-attack resistant AES-GCM, Cryptographic Hardware and Embedded Systems (CHES), pp.1-17, 2009. ,
Timing Attacks on Implementations of Diffe-Hellman, RSA, DSS, and Other Systems, Crypto'96, 1996. ,
Binary codes capable of correcting deletions, insertions and reversals, Soviet Physics Doklady, vol.10, p.707, 1966. ,
Minibox: A two-way sandbox for x86 native code, 2014 USENIX Annual Technical Conference (USENIX ATC 14, 2014. ,
ARMageddon: Cache Attacks on Mobile Devices, USENIX Security Symposium, 2016. ,
Catalyst: Defeating last-level cache side channel attacks in cloud computing, IEEE International Symposium on High Performance Computer Architecture (HPCA'16, 2016. ,
Last-Level Cache Side-Channel Attacks are Practical, S&P'15, 2015. ,
Timewarp: rethinking timekeeping and performance monitoring mechanisms to mitigate side-channel attacks, ACM SIGARCH Comput Archit News, 2012. ,
How far can we go on the x64 processors?, International Workshop on Fast Software Encryption, pp.341-358, 2006. ,
Reverse Engineering Intel Complex Addressing Using Performance Counters, RAID'15, 2015. ,
Hello from the Other Side: SSH over Robust Cache Covert Channels in the Cloud, NDSS'17, 2017. ,
Create a Docker environment in Azure using the Docker VM extension, 2016. ,
Cachezoom: How sgx amplifies the power of cache attacks, 2017. ,
Ram: Rapid alignment method, International Conference on Smart Card Research and Advanced Applications, 2011. ,
URL : https://hal.archives-ouvertes.fr/hal-01596293
The Spy in the Sandbox: Practical Cache Attacks in JavaScript and their Implications, CCS'15, 2015. ,
Cache Attacks and Countermeasures: the Case of AES, 2006. ,
Theoretical use of cache memory as a cryptanalytic side-channel, Cryptology ePrint Archive, p.169, 2002. ,
HexPADS: a platform to detect "stealth" attacks, ESSoS'16, 2016. ,
Cache missing for fun and profit, Proceedings of BSDCan, 2005. ,
Make sure dsa signing exponentiations really are constant-time, Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, 2016. ,
DRAMA: Exploiting DRAM Addressing for Cross-CPU Attacks, USENIX Security Symposium, 2016. ,
Resource Management for Isolation Enhanced Cloud Services, Proceedings of the 1st ACM Cloud Computing Security Workshop (CCSW'09), pp.77-84, 2009. ,
Hey, You, Get Off of My Cloud: Exploring Information Leakage in Third-Party Compute Clouds, CCS'09, 2009. ,
, Thoughts on Intel's upcoming Software Guard Extensions, vol.20, 2013.
Exclusive exponent blinding may not suffice to prevent timing attacks on rsa, International Workshop on Cryptographic Hardware and Embedded Systems, 2015. ,
Vc3: trustworthy data analytics in the cloud using sgx, 2015. ,
A bit-sliced, scalable and unified montgomery multiplier architecture for rsa and ecc, 2007 IFIP International Conference on Very Large Scale Integration, pp.252-257, 2007. ,
Commercial antivirus software effectiveness: An empirical study, 2011. ,
Improving differential power analysis by elastic alignment, CT-RSA 2011, 2011. ,
Eliminating fine grained timers in xen, Proceedings of the 3rd ACM Workshop on Cloud Computing Security Workshop (CCSW'11, 2011. ,
Longer keys may facilitate side channel attacks, International Workshop on Selected Areas in Cryptography, 2003. ,
Controlled-Channel Attacks: Deterministic Side Channels for Untrusted Operating Systems, S&P'15, 2015. ,
Recovering openssl ecdsa nonces using the flush+ reload cache side-channel attack, USENIX Security Symposium, p.140, 2011. ,
Cross-VM side channels and their use to extract private keys, CCS'12, 2012. ,
, Publisher's Note
, Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations