Amplifying Side Channels Through Performance Degradation

Thomas Allan; Billy Bob Brumley; Katrina Falkner; Joop van de Pol; Yuval Yarom

doi:10.1145/2991079.2991084

Amplifying Side Channels Through Performance Degradation

Thomas Allan, Billy Bob Brumley, Katrina Falkner, Joop van de Pol, Yuval Yarom

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Scientific › peer-review

39 Citations (Scopus)

Abstract

Interference between processes executing on shared hardware can be used to mount performance-degradation attacks. However, in most cases, such attacks offer little benefit for the adversary. In this paper, we demonstrate that software-based performance-degradation attacks can be used to amplify side-channel leaks, enabling the adversary to increase both the amount and the quality of information captured.

We identify a new information leak in the OpenSSL implementation of the ECDSA digital signature algorithm, albeit seemingly unexploitable due to the limited granularity of previous trace procurement techniques. To overcome this imposing hurdle, we combine the information leak with a microarchitectural performance-degradation attack that can slow victims down by a factor of over 150. We demonstrate how this combination enables the amplification of a side-channel sufficiently to exploit this new information leak. Using the combined attack, an adversary can break a private key of the secp256k1 curve, used in the Bitcoin protocol, after observing only 6 signatures---a four-fold improvement over all previously described attacks.

Original language	English
Title of host publication	Proceedings of the 32nd Annual Conference on Computer Security Applications
Publisher	ACM
Pages	422-435
Number of pages	14
ISBN (Print)	978-1-4503-4771-6
DOIs	https://doi.org/10.1145/2991079.2991084
Publication status	Published - 5 Dec 2016
Publication type	A4 Article in conference proceedings
Event	ANNUAL COMPUTER SECURITY APPLICATIONS CONFERENCE - Duration: 1 Jan 1900 → …

Conference

Conference	ANNUAL COMPUTER SECURITY APPLICATIONS CONFERENCE
Period	1/01/00 → …

Publication forum classification

Publication forum level 1

Access to Document

10.1145/2991079.2991084Licence: CC BY

https://eprint.iacr.org/2015/1141Licence: CC BY

Cite this

@inproceedings{54938494e73e483681c37563acc75583,

title = "Amplifying Side Channels Through Performance Degradation",

abstract = "Interference between processes executing on shared hardware can be used to mount performance-degradation attacks. However, in most cases, such attacks offer little benefit for the adversary. In this paper, we demonstrate that software-based performance-degradation attacks can be used to amplify side-channel leaks, enabling the adversary to increase both the amount and the quality of information captured.We identify a new information leak in the OpenSSL implementation of the ECDSA digital signature algorithm, albeit seemingly unexploitable due to the limited granularity of previous trace procurement techniques. To overcome this imposing hurdle, we combine the information leak with a microarchitectural performance-degradation attack that can slow victims down by a factor of over 150. We demonstrate how this combination enables the amplification of a side-channel sufficiently to exploit this new information leak. Using the combined attack, an adversary can break a private key of the secp256k1 curve, used in the Bitcoin protocol, after observing only 6 signatures---a four-fold improvement over all previously described attacks.",

author = "Thomas Allan and Brumley, {Billy Bob} and Katrina Falkner and {van de Pol}, Joop and Yuval Yarom",

year = "2016",

month = dec,

day = "5",

doi = "10.1145/2991079.2991084",

language = "English",

isbn = "978-1-4503-4771-6",

pages = "422--435",

booktitle = "Proceedings of the 32nd Annual Conference on Computer Security Applications",

publisher = "ACM",

note = "ANNUAL COMPUTER SECURITY APPLICATIONS CONFERENCE ; Conference date: 01-01-1900",

}

TY - GEN

T1 - Amplifying Side Channels Through Performance Degradation

AU - Allan, Thomas

AU - Brumley, Billy Bob

AU - Falkner, Katrina

AU - van de Pol, Joop

AU - Yarom, Yuval

PY - 2016/12/5

Y1 - 2016/12/5

N2 - Interference between processes executing on shared hardware can be used to mount performance-degradation attacks. However, in most cases, such attacks offer little benefit for the adversary. In this paper, we demonstrate that software-based performance-degradation attacks can be used to amplify side-channel leaks, enabling the adversary to increase both the amount and the quality of information captured.We identify a new information leak in the OpenSSL implementation of the ECDSA digital signature algorithm, albeit seemingly unexploitable due to the limited granularity of previous trace procurement techniques. To overcome this imposing hurdle, we combine the information leak with a microarchitectural performance-degradation attack that can slow victims down by a factor of over 150. We demonstrate how this combination enables the amplification of a side-channel sufficiently to exploit this new information leak. Using the combined attack, an adversary can break a private key of the secp256k1 curve, used in the Bitcoin protocol, after observing only 6 signatures---a four-fold improvement over all previously described attacks.

AB - Interference between processes executing on shared hardware can be used to mount performance-degradation attacks. However, in most cases, such attacks offer little benefit for the adversary. In this paper, we demonstrate that software-based performance-degradation attacks can be used to amplify side-channel leaks, enabling the adversary to increase both the amount and the quality of information captured.We identify a new information leak in the OpenSSL implementation of the ECDSA digital signature algorithm, albeit seemingly unexploitable due to the limited granularity of previous trace procurement techniques. To overcome this imposing hurdle, we combine the information leak with a microarchitectural performance-degradation attack that can slow victims down by a factor of over 150. We demonstrate how this combination enables the amplification of a side-channel sufficiently to exploit this new information leak. Using the combined attack, an adversary can break a private key of the secp256k1 curve, used in the Bitcoin protocol, after observing only 6 signatures---a four-fold improvement over all previously described attacks.

U2 - 10.1145/2991079.2991084

DO - 10.1145/2991079.2991084

M3 - Conference contribution

SN - 978-1-4503-4771-6

SP - 422

EP - 435

BT - Proceedings of the 32nd Annual Conference on Computer Security Applications

PB - ACM

T2 - ANNUAL COMPUTER SECURITY APPLICATIONS CONFERENCE

Y2 - 1 January 1900

ER -

Amplifying Side Channels Through Performance Degradation

Abstract

Conference

Publication forum classification

Access to Document

Fingerprint

Cite this