Side-Channel Attacks on Everyday Applications
Vložit
- čas přidán 25. 06. 2024
- by Taylor Hornby
In 2013, Yuval Yarom and Katrina Falkner discovered the FLUSH+RELOAD L3 cache side-channel. So far it has broken numerous implementations of cryptography including, notably, the AES and ECDSA in OpenSSL and the RSA GnuPG. Given FLUSH+RELOAD's astounding success at breaking cryptography, we're lead to wonder if it can be applied more broadly, to leak useful information out of regular applications like text editors and web browsers whose main functions are not cryptography.
In this talk, I'll briefly describe how the FLUSH+RELOAD attack works, and how it can be used to build input distinguishing attacks. In particular, I'll demonstrate how when the user Alice browses around the top 100 Wikipedia pages, the user Bob can spy on which of those pages she's visiting.
This isn't an earth-shattering attack, but as the code I'm releasing shows, it can be implemented reliably. My goal is to convince the community that side channels, FLUSH+RELOAD in particular, are useful for more than just breaking cryptography. The code I'm releasing is a starting point for developing better attacks. If you have access to a vulnerable CPU running a suitable OS, you should be able to reproduce the attack within minutes after watching the talk and downloading the code.
Would be interested to see how the first phase was done, how the "light bulb" strings are actually generated, I get they are different function calls but what the process looks like and the tools used and how it's actually done would be good to see!
How are there only 10 comments? Sys Admins, Sec Engineers, Net Admins need to know this!
Alice runs Links on her computer! And I am the coauthor of Links! Cool🤗
proud to see this come out of U Calgary
This is actually great, I heard side channel attacks were cool but this is above awesome
@Taylor Hornby - The light bulb reference at 10:30, Could you please advise if its an analogy to identify when Alice would run the BAR and the BAZ functions?
cool dude
every OS maps the virtual memory space of two running binaries to the same cache lines? I guess if it’s not guaranteed then the attack won’t work.
Seemed like a very specific assumption to me too
Does someone have a link to the website where I can purchase the paper that the speaker recommends?
?? He literally has a massive link on the screen where you can access the PDF...
Does having intel’s AES NI instruction set help against side channel attacks
Yes, some implementations of AES that use lookup tables are vulnerable to side channel attacks tho
Is Qubes OS kill?
HI i have a kind of what you call a remote controlled computer i dont know it can transmit a lot of data remotely without my wifi and bluetooth card but it looks like the badbios i have the same problem on my iphone and mac book air and laptop on windows it is real and invisible to me from the system
it's weird how much I'd prefer him to pronounce flush + reload as "flush & reload" instead of "flush, plus, reload" :|