Leaking Secrets Through Compressed Caches

Daniel Felipe Forero Sanchez
2021
Journal paper

We offer the first security analysis of cache compression, a promising architectural technique that is likely to appear in future mainstream processors. We find that cache compression has novel security implications because the compressibility of a cache line reveals information about its contents. Compressed caches introduce a new side channel that is especially insidious, as simply storing data transmits information about the data. We present two techniques that make attacks on compressed caches practical. Pack+Probe allows an attacker to learn the compressibility of victim cache lines, and Safecracker leaks secret data efficiently by strategically changing the values of nearby data. Our evaluation on a proof-of-concept application shows that, on a representative compressed cache architecture, Safecracker lets an attacker compromise an 8-byte secret key in under 10 ms. Even worse, Safecracker can be combined with latent memory safety vulnerabilities to leak a large fraction of program memory.

About this result

This page is automatically generated and may contain information that is not correct, complete, up-to-date, or relevant to your search query. The same applies to every other page on this website. Please make sure to verify the information with EPFL's official sources.

Daniel Felipe Forero Sanchez
2021
Journal paper

Abstract

Official source

https://infoscience.epfl.ch/record/286589?ln=en

About this result

Related concepts (36)

Related publications (54)

Related MOOCs (17)

IoT Systems and Industrial Applications with Design Thinking

The first MOOC to provide a comprehensive introduction to Internet of Things (IoT) including the fundamental business aspects needed to define IoT related products.

Logic Circuits for Embedded Systems part B

Digital Design in Embedded Systems part A

Side-channel attack

In computer security, a side-channel attack is any attack based on extra information that can be gathered because of the fundamental way a computer protocol or algorithm is implemented, rather than flaws in the design of the protocol or algorithm itself (e.g. flaws found in a cryptanalysis of a cryptographic algorithm) or minor, but potentially devastating, mistakes or oversights in the implementation. (Cryptanalysis also includes searching for side-channel attacks.

Data

In common usage and statistics, data (USˈdætə; UKˈdeɪtə) is a collection of discrete or continuous values that convey information, describing the quantity, quality, fact, statistics, other basic units of meaning, or simply sequences of symbols that may be further interpreted formally. A datum is an individual value in a collection of data. Data is usually organized into structures such as tables that provide additional context and meaning, and which may themselves be used as data in larger structures.

Fraction

A fraction (from fractus, "broken") represents a part of a whole or, more generally, any number of equal parts. When spoken in everyday English, a fraction describes how many parts of a certain size there are, for example, one-half, eight-fifths, three-quarters. A common, vulgar, or simple fraction (examples: and ) consists of an integer numerator, displayed above a line (or before a slash like ), and a non-zero integer denominator, displayed below (or after) that line.

Nanoindentation hardness and modulus of Al2O3-SiO2-CaO and MnO-SiO2-FeO inclusions in iron

Andreas Mortensen, David Hernandez Escobar, Léa Deillon, Alejandra Inés Slagter, Eva Luisa Vogt, Jonathan Aristya Setyadji

Dataset corresponding to the following manuscript: Slagter, A., Setyadji, J.A., Vogt, E.L. et al. Nanoindentation Hardness and Modulus of Al2O3–SiO2–CaO and MnO–SiO2–FeO Inclusions in Iron. Metall Mater Trans A (2024). https://doi.org/10.1007/s11661-024-0 ...

Zenodo2024

Data and code associated with the paper 'Mode-Specific Coupling of Nanoparticle-on-Mirror Cavities with Cylindrical Vector Beams'

Christophe Marcel Georges Galland, Valeria Vento, Sachin Suresh Verlekar, Philippe Andreas Rölli

Data and code associated with the following paper: V. Vento et al, Nano Lett. 2023 A thorough explanation of the experiment performed is available there. The name of each sub-folder and file in Maps_data_code.zip indicates the correspondin ...

EPFL Infoscience2023

ALMOST SURE SCATTERING OF THE ENERGY-CRITICAL NLS IN d > 6

Katie Sabrina Catherine Rosie Marsden

We study the energy-critical nonlinear Schrodinger equation with randomised initial data in dimensions d > 6. We prove that the Cauchy problem is almost surely globally well-posed with scattering for randomised supercritical initial data in H-s(Rd) wheneve ...

Springfield2023