New Branch Prediction Vulnerabilities in OpenSSL and Necessary Software Countermeasures

14 years 5 months ago

Download eprint.iacr.org

Abstract. Software based side-channel attacks allow an unprivileged spy process to extract secret information from a victim (cryptosystem) process by exploiting some indirect leakage of “side-channel” information. It has been realized that some components of modern computer microarchitectures leak certain side-channel information and can create unforeseen security risks. An example of such MicroArchitectural Side-Channel Analysis is the Cache Attack — a group of attacks that exploit information leaks from cache latencies [4, 7, 13, 15, 17]. Public awareness of Cache Attack vulnerabilities lead software writers of OpenSSL (version 0.9.8a and subsequent versions) to incorporate countermeasures for preventing these attacks. In this paper, we present a new and yet unforeseen side channel attack that is enabled by the recently published Simple Branch Prediction Analysis (SBPA) which is another type of MicroArchitectural Analysis, cf. [2, 3]. We show that modular inversion — a critic...

Onur Aciiçmez, Shay Gueron, Jean-Pierre Sei

Real-time Traffic

Cache Attack | Extended Euclidean Algorithm | IMA 2007 | Side-channel Attacks |

claim paper

Post Info
More Details (n/a)

Added	08 Jun 2010
Updated	08 Jun 2010
Type	Conference
Year	2007
Where	IMA
Authors	Onur Aciiçmez, Shay Gueron, Jean-Pierre Seifert

Comments (0)

Sciweavers

New Branch Prediction Vulnerabilities in OpenSSL and Necessary Software Countermeasures

Cache Attack | Extended Euclidean Algorithm | IMA 2007 | Side-channel Attacks |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers