Information Leakage as a Scheduling Resource

Biondi, Fabrizio; Chadli, Mounir; Given-Wilson, Thomas; Legay, Axel

doi:10.1007/978-3-319-67113-0_6

Cited by 1 publication

(2 citation statements)

References 21 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…• Scheduling-based Obfuscation [6], [125], [130] • Leakage Feedback [126], [131] [132] • Server Side Defenses (cache Flushing) [116] • Retired Instruction [119] • Minimum Timeslice [114] • Cache Flushing [6], [115], [116] Partitioning-Time Countermeasure Techniques (Section8.4)…”

Section: Llcmentioning

confidence: 99%

“…Schedulers can be designed such that the information leakage can be quantified to be used as feedback to suppress it. The authors in [126] follow a workflow model used in real-time systems in which jobs are periodically produced to be scheduled and to be completed before assigned deadlines. The tasks are divided into steps that individually consist of three parameters: execution time, leakage value and security level.…”

Section: Leakage Feedbackmentioning

confidence: 99%

See 1 more Smart Citation

Winter is here! A decade of cache-based side-channel attacks, detection & mitigation for RSA

Mushtaq

Mukhtar

Lapôtre

et al. 2020

Information Systems

View full text Add to dashboard Cite

The highlights of this paper are the following ones.• We propose a threat model to identify various leak-age channels, both in software and hardware layers, to demonstrate possible threats and vulnerabilities. We identify leakages at different levels of the Intel x86 cache hierarchy that help narrow down major attack possibilities in caches. • We provide a taxonomy of leakage channels, their classification, and the type of threat associated with each for different implementations of RSA cryptosys-tems in particular.• We investigate the timing channels on various cryp-tographic implementations. In the last decade, dif-ferent implementations of RSA cryptosystem have been attacked. We provide a detailed analysis of these attacks on different implementations of RSA and explain the problem of leakage and threat level involved in these implementations.• We analyze and list software and hardware counter-measure techniques proposed so far against known attacks on RSA. We also identify significant mitiga tion techniques that are effective at various cache levels and that address different threat levels with respect to our proposed threat model. We analyze the efficiency of the proposed countermeasures and explain their efficacy against our proposed threat model. • We identify existing auditing/detection techniques against cache-based side-channel attacks (CSCAs) using hardware performance monitoring counters (HPCs) to detect stealthy attacks. We underline the importance of detection mechanisms as a new angle of research to provide need-based mitigation toward CSCAs. • We discuss various open threat areas in cache hier-archy that have not been properly addressed by the proposed mitigation techniques so far. We also dis-cuss the challenges associated with hardware mitiga-tion solutions and argue in favor of strong software countermeasures against threats in cache hierarchy in contemporary processors (Intel x86).

show abstract