-
Chapter and Conference Paper
Drive-By Key-Extraction Cache Attacks from Portable Code
We show how malicious web content can extract cryptographic secret keys from the user’s computer. The attack uses portable scripting languages supported by modern browsers to induce contention for CPU cache re...
-
Chapter and Conference Paper
Modifying an Enciphering Scheme After Deployment
Assume that a symmetric encryption scheme has been deployed and used with a secret key. We later must change the encryption scheme in a way that preserves the ability to decrypt (a subset of) previously encryp...
-
Chapter and Conference Paper
Sliding Right into Disaster: Left-to-Right Sliding Windows Leak
It is well known that constant-time implementations of modular exponentiation cannot use sliding windows. However, software libraries such as Libgcrypt, used by GnuPG, continue to use sliding windows. It is wi...
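As an added illustration of the claim above (example code written for this page, not code from the paper, GnuPG or Libgcrypt): the block below implements left-to-right sliding-window modular exponentiation with the usual window rule (a window starts on a 1 bit, spans at most w bits and is trimmed so that it ends on a 1), records the sequence of squarings and multiplications, and then deduces exponent bits from that sequence alone. The sequence is simulated here rather than recovered through the cache, and the base, modulus and window sizes are arbitrary constants chosen for the demonstration. The deduction rules are derived from the window-selection rule, not taken from the paper, and `check_exhaustive` verifies them against every exponent of a given length.

```python
# Added example (not the paper's or Libgcrypt's code): left-to-right sliding-window
# exponentiation that records its square/multiply sequence, and a routine that
# reads exponent bits back out of that sequence alone.  Base, modulus and window
# sizes below are arbitrary constants chosen for illustration.

def l2r_sliding_window_powm(base, exponent, modulus, w):
    """Return (base**exponent mod modulus, trace); trace is a string of
    'S' (square) and 'M' (multiply by a precomputed odd power of base)."""
    bits = bin(exponent)[2:]                 # MSB first; first bit is 1 unless exponent == 0
    n = len(bits)
    table, b2, v = {}, base * base % modulus, base
    for odd in range(1, 1 << w, 2):          # base^1, base^3, ..., base^(2^w - 1)
        table[odd] = v
        v = v * b2 % modulus
    result, trace, i = 1, [], 0
    while i < n:
        if bits[i] == '0':                   # single zero bit: one squaring
            result = result * result % modulus
            trace.append('S')
            i += 1
            continue
        L = min(w, n - i)                    # window starts on a 1, spans up to w bits ...
        while bits[i + L - 1] == '0':        # ... and is trimmed so it ends on a 1
            L -= 1
        for _ in range(L):
            result = result * result % modulus
            trace.append('S')
        result = result * table[int(bits[i:i + L], 2)] % modulus
        trace.append('M')
        i += L
    return result, ''.join(trace)


def recover_bits(trace, w):
    """Deduce exponent bits (MSB first) from the S/M trace: '1', '0' or '?'."""
    n = trace.count('S')                     # exactly one squaring per exponent bit
    p, seen = [], 0                          # p[k]: bit position ended by the k-th multiply
    for op in trace:
        if op == 'S':
            seen += 1
        else:
            p.append(seen - 1)
    m = len(p)
    if m == 0:
        return ['0'] * n                     # no multiply at all: the exponent is 0
    # Bound the start s_k of window k by lo[k] <= s_k <= hi[k], using:
    #   s_0 = 0 (the first window starts at the top bit),
    #   s_k >= p[k] - w + 1 (a window is at most w bits long),
    #   s_{k+1} >= s_k + w (the rest of a window's w-bit span is trimmed zeros).
    lo = [0] * m
    for k in range(1, m):
        lo[k] = max(lo[k - 1] + w, p[k] - w + 1)
    hi = [0] * m
    hi[m - 1] = p[m - 1]
    for k in range(m - 2, -1, -1):
        hi[k] = min(p[k], hi[k + 1] - w)
    hi[0] = 0
    known = ['?'] * n
    for k in range(m):
        known[p[k]] = '1'                    # a multiply always lands on a 1 bit
        if lo[k] == hi[k]:
            known[lo[k]] = '1'               # window start pinned down: it is a 1 bit
        for j in range(p[k - 1] + 1 if k else 0, lo[k]):
            known[j] = '0'                   # bits squared singly before window k are 0
    for j in range(p[m - 1] + 1, n):
        known[j] = '0'                       # squarings after the last multiply are 0 bits
    return known


def check_exhaustive(nbits, w, base=5, modulus=1000003):
    """Run every nbits-bit exponent through both routines.  Returns
    (every deduced bit was correct, fraction of exponent bits deduced)."""
    deduced = total = 0
    for e in range(1 << (nbits - 1), 1 << nbits):
        result, trace = l2r_sliding_window_powm(base, e, modulus, w)
        if result != pow(base, e, modulus):
            return False, 0.0
        for real, guess in zip(bin(e)[2:], recover_bits(trace, w)):
            if guess != '?':
                if guess != real:
                    return False, 0.0
                deduced += 1
            total += 1
    return True, deduced / total


if __name__ == '__main__':
    _, t = l2r_sliding_window_powm(5, 0b1001101, 1000003, 3)
    print(t, ''.join(recover_bits(t, 3)))    # SMSSSSMSSM 1001101 (fully recovered)
    print(check_exhaustive(10, 4))
```

The square/multiply sequence is what a Flush+Reload attacker observes on the multiplication routine; this block only stands in for that observation. Note how much the greedy left-to-right windowing gives away: every multiply marks a 1, the trimmed zeros pin consecutive window starts at least w apart, and a pinned window start is another known 1, so in the small example above the whole exponent is recovered from the sequence alone.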
-
Chapter and Conference Paper
Flush, Gauss, and Reload – A Cache Attack on the BLISS Lattice-Based Signature Scheme
We present the first side-channel attack on a lattice-based signature scheme, using the Flush+Reload cache-attack. The attack is targeted at the discrete Gaussian sampler, an important step in the Bimodal Lattice...
-
Chapter and Conference Paper
CacheBleed: A Timing Attack on OpenSSL Constant Time RSA
The scatter-gather technique is a commonly implemented approach to prevent cache-based timing attacks. In this paper we show that scatter-gather is not constant time. We implement a cache timing attack against...
-
Chapter and Conference Paper
Evaluation and Cryptanalysis of the Pandaka Lightweight Cipher
There is a growing need to develop lightweight cryptographic primitives suitable for resource-constrained devices permeating in increasing numbers into the fabric of life. Such devices are exemplified none mor...
-
Chapter and Conference Paper
“Ooh Aah... Just a Little Bit” : A Small Amount of Side Channel Can Go a Long Way
We apply the Flush+Reload side-channel attack based on cache hits/misses to extract a small amount of data from OpenSSL ECDSA signature requests. We then apply a “standard” lattice technique to extract the privat...