A survey of Microarchitectural Side-channel Vulnerabilities, Attacks, and Defenses in Cryptography


CHARACTERIZATION OF SOFTWARE ATTACK VECTORS



Download 176.24 Kb.
Page15/15
Date03.05.2023
Size176.24 Kb.
#61249
1   ...   7   8   9   10   11   12   13   14   15
3456629

CHARACTERIZATION OF SOFTWARE ATTACK VECTORS


We systematically characterize side-channel vulnerabilities from past works based on di$erent operations in di$erent cryptographic algorithms and protocols. Table 2 summarizes the vulnera- bilities covered in this article. For each vulnerability, we present the vulnerable operations, causes, and the corresponding attack techniques.


    1. AsymmetrIc Cryptography




Modular multiplication. Given three integers x, y, and m, this operation is to calculate x y mod m. Both OpenSSL and GnuPG implement two multiplication routines: naive multiplication and Karatsuba multiplication [110]. The selection of the routine is based on the operand size: The naive routine is taken for small multiplicands, while Karatsuba routine is adopted for large ones. Such implementation introduces control-flow side channels about the operands: Karatsuba routine is typically faster than the native routine. An adversary can measure the execution time to infer the sizes of the operands and then recover the secret key [38].


ACM Computing Surveys, Vol. 54, No. 6, Article 122. Publication date: July 2021.



Download 176.24 Kb.

Share with your friends:
1   ...   7   8   9   10   11   12   13   14   15




The database is protected by copyright ©ininet.org 2024
send message

    Main page