Sciweavers

IMA
2007
Springer

New Branch Prediction Vulnerabilities in OpenSSL and Necessary Software Countermeasures

14 years 6 months ago
New Branch Prediction Vulnerabilities in OpenSSL and Necessary Software Countermeasures
Abstract. Software based side-channel attacks allow an unprivileged spy process to extract secret information from a victim (cryptosystem) process by exploiting some indirect leakage of “side-channel” information. It has been realized that some components of modern computer microarchitectures leak certain side-channel information and can create unforeseen security risks. An example of such MicroArchitectural Side-Channel Analysis is the Cache Attack — a group of attacks that exploit information leaks from cache latencies [4, 7, 13, 15, 17]. Public awareness of Cache Attack vulnerabilities lead software writers of OpenSSL (version 0.9.8a and subsequent versions) to incorporate countermeasures for preventing these attacks. In this paper, we present a new and yet unforeseen side channel attack that is enabled by the recently published Simple Branch Prediction Analysis (SBPA) which is another type of MicroArchitectural Analysis, cf. [2, 3]. We show that modular inversion — a critic...
Onur Aciiçmez, Shay Gueron, Jean-Pierre Sei
Added 08 Jun 2010
Updated 08 Jun 2010
Type Conference
Year 2007
Where IMA
Authors Onur Aciiçmez, Shay Gueron, Jean-Pierre Seifert
Comments (0)