When it comes to cryptographic software, side channels are an often-overlooked threat. A side channel is any observable side effect of computation that an attacker could measure and possibly influence. Crypto is especially vulnerable to side channel attacks because of its strict requirements for absolute secrecy. In the software world, side channel attacks have sometimes been dismissed as impractical. However, new system architecture features, such as larger cache sizes and multicore processors, have increased the prevalence of side channels and quality of measurement available to an attacker. Software developers must be aware of the potential for side channel attacks and plan appropriately. History o
To submit an update or takedown request for this paper, please submit an Update/Correction/Removal Request.