Questions tagged [side-channel]
A side channel attack is an attack that deduces secret information from environmental observations such as timing or power consumption.
90 questions
2 votes, 1 answer, 177 views
Does revealing semantic similarity scores between AES-encrypted data create an exploitable side channel?
Background: My expertise is in machine learning/AI, not cryptography, so I apologize if I'm missing fundamental security concepts. I'm trying to build a privacy-preserving AI agent system and want to ...
0 votes, 1 answer, 100 views
SCA on ARM: `mla` instruction
I'm working on a side-channel attack and am trying to make use of a multiplication result.
In the reference C code, it's a multiplication of two values and a follow-up addition on the multiplication result ...
1 vote, 1 answer, 621 views
Resistance of data diode from side-channel attack
Are data diodes resistant to side-channel attacks?
For example, can hackers infer secret data from another computer by analyzing the signal of the data diode?
Assume that a Faraday cage isolates each ...
2 votes, 1 answer, 844 views
How can a timing/cache side-channel attack be performed? How can an attacker know the time at which certain instructions are performed by the victim?
About timing, my question is:
How can an attacker know the time at which certain instructions are performed by the victim?
And about the cache, how can the attacker know which cache line is being accessed by ...
0 votes, 1 answer, 678 views
Simple setups for side-channel analysis
I'd like to test cryptographic implementations in FPGA against power analysis. Not being all that handy with hardware and such, I'm looking for an easy solution. What I've come across thus far:
...
1 vote, 2 answers, 287 views
Are timing-based side-channel attacks against the server during CORS preflight a legitimate concern?
Section 3.2.3 of the Fetch standard provides some guidance about how servers can/should handle preflight requests.
A successful HTTP response, i.e., one where the server developer intends to share it,...
0 votes, 1 answer, 193 views
How can differential power analysis (DPA) still work without "sufficient" measurement resolution?
Referring to Introduction to differential power analysis (Paul Kocher, Joshua Jaffe, Benjamin Jun, Pankaj Rohatgi)
[...]
Because the amount of power used by a device is influenced by the data being ...
0 votes, 1 answer, 187 views
What type of attacks can be carried against an OS with FDE, if we assume OS and FDE are implemented correctly?
The question is mainly stated in the title. I was wondering what kind of attacks can be launched on such a setup, where someone has access to a running OS with locked screen (needs password for the ...
0 votes, 0 answers, 162 views
Why does certification for datacenter equipment test for TEMPEST?
I wonder why certification (common criteria and stuff like that) of security critical hardware that is meant to be used in datacenters (e.g. link encryptors) includes some tests related to TEMPEST ...
0 votes, 1 answer, 140 views
Why are performance counters not used for cache attacks?
Cache side-channel attacks rely on the capability to observe cache hits/misses for a given set. Usually this is done via timing information, e.g. in flush+reload or prime+probe. Why is the performance ...
3 votes, 1 answer, 289 views
Does this theoretical salted-hash-sleep scheme mitigate timing attacks?
This question is purely theoretical, I have no intention of ever implementing this scheme in practice. I'm familiar with the shortcomings of sleeping as a means of mitigating timing attacks. I'm more ...
17 votes, 2 answers, 3k views
How are code-branch side channel attacks mitigated on Java?
When you are working with secret keys, if your code branches unequally it could reveal bits of the secret keys via side channels. So for some algorithms it should branch uniformly independently of the ...
8 votes, 6 answers, 3k views
Does having no 'if' blocks in code mitigate side-channel attacks?
Looking through descriptions of Spectre and Meltdown it seems that speculative execution - the basis for these attacks - occurs only with branched code. Therefore, it seems logical to conclude that ...
0 votes, 0 answers, 162 views
Is using a developer key to protect a REST API good practice?
I'd like to implement a RESTful API service over HTTP that developers can call from their server side environments.
I intend to use a cryptographically secure pseudo-random number generator (CSPRNG) ...
0 votes, 0 answers, 200 views
Constant-Time String-to-Byte Encoding for JavaScript
When dealing with cryptographic secrets (private keys, passwords, etc) it is desirable to not run these secrets through functions that do not run in constant time, in order to avoid the potential for ...