Search results for: flush reload attack

Number of results: 83375

2016
Moritz Lipp, Daniel Gruss, Raphael Spreitzer, Clémentine Maurice, Stefan Mangard

In the last 10 years cache attacks on Intel CPUs have gained increasing attention among the scientific community. More specifically, powerful techniques to exploit the cache side channel have been developed. However, so far only a few investigations have been performed on modern smartphones and mobile devices in general. In this work, we describe Evict+Reload, the first access-based cross-core ...

Journal: IACR Cryptology ePrint Archive, 2014
Joop van de Pol, Nigel P. Smart, Yuval Yarom

We extend the FLUSH+RELOAD side-channel attack of Benger et al. to extract a significantly larger number of bits of information per observed signature when using OpenSSL. This means that by observing only 25 signatures, we can recover secret keys of the secp256k1 curve, used in the Bitcoin protocol, with a probability greater than 50 percent. This is an order of magnitude improvement over the p...

Journal: IACR Transactions on Cryptographic Hardware and Embedded Systems, 2023

In this paper, we present the first chosen-ciphertext (CC) cache-timing attacks on the reference implementation of HQC. We build a based distinguisher for implementing a plaintext-checking (PC) oracle. The PC oracle uses side-channel information to check if a given ciphertext decrypts to a message. This is done by identifying vulnerability during generating process two vectors in also propose new method usi...

Journal: IACR Cryptology ePrint Archive, 2014
Yuval Yarom, Naomi Benger

We illustrate a vulnerability introduced to elliptic curve cryptographic protocols when implemented using a function of the OpenSSL cryptographic library. For the given implementation using an elliptic curve E over a binary field with a point G ∈ E, our attack recovers the majority of the bits of a scalar k when kG is computed using the OpenSSL implementation of the Montgomery ladder. For the E...

Journal: IEICE Transactions on Information and Systems, 2022

CPU flush instruction-based cache side-channel attacks (cache instruction attacks) target a wide range of machines. For instance, Meltdown / Spectre combined with FLUSH+RELOAD gain read access to arbitrary data in the operating system kernel and user processes, which work on cloud virtual machines, laptops, desktops, and mobile devices. Additionally, fault injection use cache. Rowhammer, is attack that...

2014
Naomi Benger, Joop van de Pol, Nigel P. Smart, Yuval Yarom

We apply the FLUSH+RELOAD side-channel attack based on cache hits/misses to extract a small amount of data from OpenSSL ECDSA signature requests. We then apply a “standard” lattice technique to extract the private key, but unlike previous attacks we are able to make use of the side-channel information from almost all of the observed executions. This means we obtain private key recovery by obser...

2016
Daniel Gruss, Clémentine Maurice, Klaus Wagner, Stefan Mangard

Research on cache attacks has shown that CPU caches leak significant information. Proposed detection mechanisms assume that all cache attacks cause more cache hits and cache misses than benign applications and use hardware performance counters for detection. In this article, we show that this assumption does not hold by developing a novel attack technique: the Flush+Flush attack. The Flush+Flus...

Journal: CoRR, 2015
Daniel Gruss, Clémentine Maurice, Klaus Wagner

Research on cache attacks has shown that CPU caches leak significant information. Proposed detection mechanisms assume that all cache attacks cause more cache hits and cache misses than benign applications and use hardware performance counters for detection. In this article, we show that this assumption does not hold by developing a novel attack technique: the Flush+Flush attack. The Flush+Flus...

Journal: Electronics, 2021

Since cache side-channel attacks have been serious security threats to multi-tenant systems, there have been several studies to protect systems against the attacks. However, prior work has limitations in determining only the existence of an attack and/or occupying too many computing resources at runtime. We propose a low-overhead pinpointing solution, called RT-Sniper, to overcome such limitations. RT-Sniper employs two-level fi...
