• 主题
高级搜索  >
历史搜索 清空历史
首页> 外文期刊>IEEE transactions on dependable and secure computing >Connecting the Dots: Privacy Leakage via Write-Access Patterns to the Main Memory
【24h】

Connecting the Dots: Privacy Leakage via Write-Access Patterns to the Main Memory

机译:连接点:通过写入模式到主内存的隐私泄漏

获取原文
获取原文并翻译 | 示例
           
页面导航
  • 摘要
  • 著录项
  • 相似文献
  • 相关主题

摘要

Data-dependent access patterns of an application to an untrusted storage system are notorious for leaking sensitive information about the user's data. Previous research has shown how an adversary capable of monitoring both read and write requests issued to the memory can correlate them with the application to learn its sensitive data. However, information leakage through only the write access patterns is less obvious and not well studied in the current literature. In this work, we demonstrate an actual attack on power-side-channel resistant Montgomery's ladder based modular exponentiation algorithm commonly used in public key cryptography. We infer the complete 512-bit secret exponent in $mathbf{sim 3.5}$similar to 3.5 minutes by virtue of just the write access patterns of the algorithm to the main memory. In order to learn the victim algorithm's write access patterns under realistic settings, we exploit a compromised DMA device to take frequent snapshots of the application's address space, and then run a simple differential analysis on these snapshots to find the write access sequence. The attack has been shown on an Intel Core(TM) i7-4790 3.60GHz processor based system. We further discuss a possible attack on McEliece public-key cryptosystem that also exploits the write-access patterns to learn the secret key.
机译:应用于不受信任的存储系统的数据的依赖访问模式对于泄漏有关用户数据的敏感信息是臭名昭着的。以前的研究表明,如何监视发出给内存的读写请求的对手可以将它们与应用程序相关联,以了解其敏感数据。但是,通过仅写访问模式泄漏的信息泄漏不太明显,并且在当前的文献中没有很好地研究。在这项工作中,我们展示了对公钥加密常用于公钥中使用的基于电力侧通道抵抗蒙哥马利的梯形图的模块化指数算法的实际攻击。我们在$ MATHBF { SIM 3.5} $中推断完整的512位秘密指数,它借助于算法的写访问模式与主存储器的写访问模式类似于3.5分钟。为了在逼真的设置下学习受害者算法的写访问模式,我们利用受损的DMA设备频繁拍摄应用程序的地址空间的快照,然后在这些快照上运行一个简单的差异分析以查找写入访问序列。该攻击已在英特尔核心(TM)I7-4790 3.60GHz处理器的系统上显示。我们进一步讨论了对MECELIENCE公钥密码系统的可能攻击,该系统还利用写入访问模式来学习秘密密钥。

著录项

相似文献

  • 外文文献
  • 中文文献
  • 专利
获取原文

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有

  • 客服微信

  • 服务号