publication . Conference object . Other literature type . Part of book or chapter of book . Preprint . 2016

Flush+Flush: A Fast and Stealthy Cache Attack

Daniel Gruss;
  • Published: 07 Jul 2016
  • Country: France
Abstract
Research on cache attacks has shown that CPU caches leak significant information. Proposed detection mechanisms assume that all cache attacks cause more cache hits and cache misses than benign applications and use hardware performance counters for detection. In this article, we show that this assumption does not hold by developing a novel attack technique: the Flush+Flush attack. The Flush+Flush attack only relies on the execution time of the flush instruction, which depends on whether data is cached or not. Flush+Flush does not make any memory accesses, contrary to any other cache attack. Thus, it causes no cache misses at all and the number of cache hits is re...
Subjects
ACM Computing Classification System: Hardware_MEMORYSTRUCTURES
free text keywords: Covert channel, Cache invalidation, Execution time, Cache attack, Cache, Computer security, computer.software_genre, computer, Computer science, Computer Science - Cryptography and Security
Related Organizations
Funded by
EC| HECTOR
Project
HECTOR
HARDWARE ENABLED CRYPTO AND RANDOMNESS
  • Funder: European Commission (EC)
  • Project Code: 644052
  • Funding stream: H2020 | RIA
,
EC| MATTHEW
Project
MATTHEW
Multi-entity-security using active Transmission Technology for improved Handling of Exportable security credentials Without privacy restrictions
  • Funder: European Commission (EC)
  • Project Code: 610436
  • Funding stream: FP7 | SP1 | ICT
Download fromView all 7 versions
ZENODO
Conference object . 2016
Provider: ZENODO
Zenodo
Other literature type . 2016
Provider: Datacite
http://arxiv.org/pdf/1511.0459...
Part of book or chapter of book
Provider: UnpayWall
49 references, page 1 of 4

1. Barresi, A., Razavi, K., Payer, M., Gross, T.R.: CAIN: silently breaking ASLR in the cloud. In: WOOT'15 (2015)

2. Bernstein, D.J.: Cache-timing attacks on AES. Tech. rep., Department of Mathematics, Statistics, and Computer Science, University of Illinois at Chicago (2005)

3. Bhattacharya, S., Mukhopadhyay, D.: Who watches the watchmen?: Utilizing Performance Monitors for Compromising keys of RSA on Intel Platforms. Cryptology ePrint Archive, Report 2015/621 (2015)

4. Brickell, E., Graunke, G., Neve, M., Seifert, J.P.: Software mitigations to hedge AES against cache-based software side channel vulnerabilities. Cryptology ePrint Archive, Report 2006/052 (2006)

5. Chiappetta, M., Savas, E., Yilmaz, C.: Real time detection of cache-based sidechannel attacks using hardware performance counters. Cryptology ePrint Archive, Report 2015/1034 (2015)

6. Demme, J., Maycock, M., Schmitz, J., Tang, A., Waksman, A., Sethumadhavan, S., Stolfo, S.: On the feasibility of online malware detection with performance counters. ACM SIGARCH Computer Architecture News 41(3), 559{570 (2013)

7. Fogh, A.: Cache side channel attacks. http://dreamsofastone.blogspot.co.at/ 2015/09/cache-side-channel-attacks.html (2015)

8. Fuchs, A., Lee, R.B.: Disruptive Prefetching: Impact on Side-Channel Attacks and Cache Designs. In: Proceedings of the 8th ACM International Systems and Storage Conference (SYSTOR'15) (2015)

9. Gruss, D., Maurice, C., Mangard, S.: Rowhammer.js: A Remote Software-Induced Fault Attack in JavaScript. In: DIMVA'16 (2016) [OpenAIRE]

10. Gruss, D., Spreitzer, R., Mangard, S.: Cache Template Attacks: Automating Attacks on Inclusive Last-Level Caches. In: USENIX Security Symposium (2015) [OpenAIRE]

11. Gullasch, D., Bangerter, E., Krenn, S.: Cache Games { Bringing Access-Based Cache Attacks on AES to Practice. In: S&P'11 (2011) [OpenAIRE]

12. Gulmezoglu, B., Inci, M.S., Eisenbarth, T., Sunar, B.: A Faster and More Realistic Flush+Reload Attack on AES. In: Constructive Side-Channel Analysis and Secure Design (COSADE) (2015)

13. Herath, N., Fogh, A.: These are Not Your Grand Daddy's CPU Performance Counters - CPU Hardware Performance Counters for Security. Black Hat 2015 Brie ngs (Aug 2015), https://www.blackhat.com/docs/us-15/materials/us15-Herath-These-Are-Not-Your-Grand-Daddys-CPU-Performance-CountersCPU-Hardware-Performance-Counters-For-Security.pdf

14. Hund, R., Willems, C., Holz, T.: Practical Timing Side Channel Attacks against Kernel Space ASLR. In: 2013 IEEE Symposium on Security and Privacy. pp. 191{ 205 (2013)

15. Intel: Intel R 64 and IA-32 Architectures Software Developer's Manual, Volume 3 (3A, 3B & 3C): System Programming Guide 253665 (2014)

49 references, page 1 of 4
Powered by OpenAIRE Open Research Graph
Any information missing or wrong?Report an Issue
publication . Conference object . Other literature type . Part of book or chapter of book . Preprint . 2016

Flush+Flush: A Fast and Stealthy Cache Attack

Daniel Gruss;