8,837 research outputs found
Ozone: Efficient Execution with Zero Timing Leakage for Modern Microarchitectures
Time variation during program execution can leak sensitive information. Time
variations due to program control flow and hardware resource contention have
been used to steal encryption keys in cipher implementations such as AES and
RSA. A number of approaches to mitigate timing-based side-channel attacks have
been proposed including cache partitioning, control-flow obfuscation and
injecting timing noise into the outputs of code. While these techniques make
timing-based side-channel attacks more difficult, they do not eliminate the
risks. Prior techniques are either too specific or too expensive, and all leave
remnants of the original timing side channel for later attackers to attempt to
exploit.
In this work, we show that the state-of-the-art techniques in timing
side-channel protection, which limit timing leakage but do not eliminate it,
still have significant vulnerabilities to timing-based side-channel attacks. To
provide a means for total protection from timing-based side-channel attacks, we
develop Ozone, the first zero timing leakage execution resource for a modern
microarchitecture. Code in Ozone execute under a special hardware thread that
gains exclusive access to a single core's resources for a fixed (and limited)
number of cycles during which it cannot be interrupted. Memory access under
Ozone thread execution is limited to a fixed size uncached scratchpad memory,
and all Ozone threads begin execution with a known fixed microarchitectural
state. We evaluate Ozone using a number of security sensitive kernels that have
previously been targets of timing side-channel attacks, and show that Ozone
eliminates timing leakage with minimal performance overhead
Timing Side-Channel Attacks on SSH
In most secure communication standards today, additional latency is kept to a minimum to preserve the Quality-of-Service. As a result, it is possible to mount side-channel attacks using timing analysis. In this thesis we discuss the viability of these attacks, and demonstrate them by inferring Hidden Markov Models of protocols. These Hidden Markov Models can be used to both detect protocol use and infer information about protocol state. We create experiments that use Markov models to generate traffic and show that we can accurately reconstruct models under many circumstances. We analyze what occurs when timing delays have enough jitter that we can not accurately assign packets to bins. Finally, we show that we can accurately identify the language used for cryptographically protected interactive sessions - Italian or English - on-line with as few as 77 symbols. A maximum-likelihood estimator, the forward-backward procedure, and confidence interval analysis are compared
- …