The 9 Lives of Bleichenbacher's CAT: New Cache ATtacks on TLS Implementations
暂无分享,去创建一个
Adi Shamir | Yuval Yarom | Daniel Genkin | David Wong | Eyal Ronen | Robert Gillham | A. Shamir | Daniel Genkin | Y. Yarom | Eyal Ronen | Robert Gillham | David Wong
[1] Srdjan Capkun,et al. Software Grand Exposure: SGX Cache Attacks Are Practical , 2017, WOOT.
[2] Adi Shamir,et al. Cache Attacks and Countermeasures: The Case of AES , 2006, CT-RSA.
[3] Billy Bob Brumley,et al. Remote Timing Attacks Are Still Practical , 2011, ESORICS.
[4] Vlastimil Klíma,et al. Attacking RSA-Based Sessions in SSL/TLS , 2003, CHES.
[5] Frank Piessens,et al. SGX-Step: A Practical Attack Framework for Precise Enclave Execution Control , 2017, SysTEX@SOSP.
[6] Adi Shamir,et al. A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.
[7] Gorka Irazoqui Apecechea,et al. Lucky 13 Strikes Back , 2015, AsiaCCS.
[8] Dan Boneh,et al. Hardness of Computing the Most Significant Bits of Secret Keys in Diffie-Hellman and Related Schemes , 1996, CRYPTO.
[9] Michael Hamburg,et al. Spectre Attacks: Exploiting Speculative Execution , 2018, 2019 IEEE Symposium on Security and Privacy (SP).
[10] Adi Shamir,et al. On the cryptographic security of single RSA bits , 1983, STOC '83.
[11] Nael B. Abu-Ghazaleh,et al. Understanding and Mitigating Covert Channels Through Branch Predictors , 2016, ACM Trans. Archit. Code Optim..
[12] Nael B. Abu-Ghazaleh,et al. BranchScope: A New Side-Channel Attack on Directional Branch Predictor , 2018, ASPLOS.
[13] Mengyuan Li,et al. STACCO: Differentially Analyzing Side-Channel Traces for Detecting SSL/TLS Vulnerabilities in Secure Enclaves , 2017, CCS.
[14] Tim Dierks,et al. The Transport Layer Security (TLS) Protocol Version 1.2 , 2008 .
[15] Nael B. Abu-Ghazaleh,et al. Jump over ASLR: Attacking branch predictors to bypass ASLR , 2016, 2016 49th Annual IEEE/ACM International Symposium on Microarchitecture (MICRO).
[16] Daniel Bleichenbacher,et al. Chosen Ciphertext Attacks Against Protocols Based on the RSA Encryption Standard PKCS #1 , 1998, CRYPTO.
[17] Billy Bob Brumley,et al. Amplifying side channels through performance degradation , 2015, ACSAC.
[18] Daniel Migault,et al. LURK Extension version 1 for (D)TLS 1.2 Authentication , 2019 .
[19] Marcus Peinado,et al. Inferring Fine-grained Control Flow Inside SGX Enclaves with Branch Shadowing , 2016, USENIX Security Symposium.
[20] Hovav Shacham,et al. Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds , 2009, CCS.
[21] Michael M. Swift,et al. A Placement Vulnerability Study in Multi-Tenant Public Clouds , 2015, USENIX Security Symposium.
[22] Matthew Green,et al. Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice , 2015, CCS.
[23] Gernot Heiser,et al. Last-Level Cache Side-Channel Attacks are Practical , 2015, 2015 IEEE Symposium on Security and Privacy.
[24] Gernot Heiser,et al. No Security Without Time Protection: We Need a New Hardware-Software Contract , 2018, APSys.
[25] Gorka Irazoqui Apecechea,et al. CacheZoom: How SGX Amplifies The Power of Cache Attacks , 2017, CHES.
[26] Gorka Irazoqui Apecechea,et al. Cache Attacks Enable Bulk Key Recovery on the Cloud , 2016, CHES.
[27] Kenneth G. Paterson,et al. Pseudo Constant Time Implementations of TLS Are Only Pseudo Secure , 2018, IACR Cryptol. ePrint Arch..
[28] Onur Aciiçmez,et al. Yet another MicroArchitectural Attack:: exploiting I-Cache , 2007, CSAW '07.
[29] Naomi Benger,et al. "Ooh Aah... Just a Little Bit" : A Small Amount of Side Channel Can Go a Long Way , 2014, CHES.
[30] Eric Rescorla,et al. The Transport Layer Security (TLS) Protocol Version 1.2 , 2008, RFC.
[31] Yuan Xiao,et al. Return-Oriented Flush-Reload Side Channels on ARM and Their Implications for Android Devices , 2016, CCS.
[32] Hiroshi Miyauchi,et al. Cryptanalysis of DES Implemented on Computers with Cache , 2003, CHES.
[33] Josep Torrellas,et al. Cache Telepathy: Leveraging Shared Resource Attacks to Learn DNN Architectures , 2018, USENIX Security Symposium.
[34] Hovav Shacham,et al. A Systematic Analysis of the Juniper Dual EC Incident , 2016, IACR Cryptol. ePrint Arch..
[35] Craig Disselkoen,et al. Prime+Abort: A Timer-Free High-Precision L3 Cache Attack using Intel TSX , 2017, USENIX Security Symposium.
[36] Kenneth G. Paterson,et al. Lucky Thirteen: Breaking the TLS and DTLS Record Protocols , 2013, 2013 IEEE Symposium on Security and Privacy.
[37] Christopher Allen,et al. The TLS Protocol Version 1.0 , 1999, RFC.
[38] Gernot Heiser,et al. A survey of microarchitectural timing attacks and countermeasures on contemporary hardware , 2018, Journal of Cryptographic Engineering.
[39] Stefan Mangard,et al. Cache Template Attacks: Automating Attacks on Inclusive Last-Level Caches , 2015, USENIX Security Symposium.
[40] Eric Rescorla,et al. The Transport Layer Security (TLS) Protocol Version 1.1 , 2006, RFC.
[41] Tibor Jager,et al. On the Security of TLS 1.3 and QUIC Against Weaknesses in PKCS#1 v1.5 Encryption , 2015, CCS.
[42] Michael K. Reiter,et al. Cross-Tenant Side-Channel Attacks in PaaS Clouds , 2014, CCS.
[43] Yuval Yarom,et al. FLUSH+RELOAD: A High Resolution, Low Noise, L3 Cache Side-Channel Attack , 2014, USENIX Security Symposium.
[44] Igor E. Shparlinski,et al. The Insecurity of the Digital Signature Algorithm with Partially Known Nonces , 2002, Journal of Cryptology.
[45] Klaus Wagner,et al. Flush+Flush: A Fast and Stealthy Cache Attack , 2015, DIMVA.
[46] Nigel P. Smart,et al. Lattice Attacks on Digital Signature Schemes , 2001, Des. Codes Cryptogr..
[47] Adi Shamir,et al. A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.
[48] Frank Piessens,et al. Nemesis: Studying Microarchitectural Timing Leaks in Rudimentary CPU Interrupt Logic , 2018, CCS.
[49] Jean-Pierre Seifert,et al. New Branch Prediction Vulnerabilities in OpenSSL and Necessary Software Countermeasures , 2007, IMACC.
[50] Colin Percival. CACHE MISSING FOR FUN AND PROFIT , 2005 .
[51] Yuval Yarom,et al. ECDSA Key Extraction from Mobile Devices via Nonintrusive Physical Side Channels , 2016, IACR Cryptol. ePrint Arch..
[52] James Manger,et al. A Chosen Ciphertext Attack on RSA Optimal Asymmetric Encryption Padding (OAEP) as Standardized in PKCS #1 v2.0 , 2001, CRYPTO.
[53] László Lovász,et al. Factoring polynomials with rational coefficients , 1982 .
[54] Yuval Yarom,et al. May the Fourth Be With You: A Microarchitectural Side Channel Attack on Several Real-World Applications of Curve25519 , 2017, CCS.
[55] Juraj Somorovsky,et al. Return Of Bleichenbacher's Oracle Threat (ROBOT) , 2018, IACR Cryptol. ePrint Arch..
[56] Tibor Jager,et al. Bleichenbacher's Attack Strikes again: Breaking PKCS#1 v1.5 in XML Encryption , 2012, ESORICS.
[57] Angelos D. Keromytis,et al. The Spy in the Sandbox: Practical Cache Attacks in JavaScript and their Implications , 2015, CCS.
[58] Yuval Yarom,et al. Drive-by Key-Extraction Cache Attacks from Portable Code , 2018, IACR Cryptol. ePrint Arch..
[59] Daniel J. Bernstein,et al. Cache-timing attacks on AES , 2005 .
[60] Erik Tews,et al. Revisiting SSL/TLS Implementations: New Bleichenbacher Side Channels and Attacks , 2014, USENIX Security Symposium.
[61] Gorka Irazoqui Apecechea,et al. S$A: A Shared Cache Attack That Works across Cores and Defies VM Sandboxing -- and Its Application to AES , 2015, 2015 IEEE Symposium on Security and Privacy.
[62] Graham Steel,et al. Efficient Padding Oracle Attacks on Cryptographic Hardware , 2012, IACR Cryptol. ePrint Arch..
[63] Thomas Eisenbarth,et al. Co-location detection on the Cloud , 2016, IACR Cryptol. ePrint Arch..