Power analysis attacks - revealing the secrets of smart cards
TLDR
Power Analysis Attacks: Revealing the Secrets of Smart Cards is the first comprehensive treatment of power analysis attacks and countermeasures.
Spectre Attacks: Exploiting Speculative Execution
TLDR
This paper describes practical attacks that combine methodology from side channel attacks, fault attacks, and return-oriented programming that can read arbitrary memory from the victim's process.
Meltdown: Reading Kernel Memory from User Space
The security of computer systems fundamentally relies on memory isolation, e.g., kernel address ranges are marked as non-accessible and are protected from user access. In this paper, we present
Masked Dual-Rail Pre-charge Logic: DPA-Resistance Without Routing Constraints
TLDR
This article describes a novel side-channel analysis resistant logic style called MDPL that completely avoids such constraints and is suitable for semi-custom designs.
Flush+Flush: A Fast and Stealthy Cache Attack
TLDR
The Flush+Flush attack only relies on the execution time of the flush instruction, which depends on whether data is cached or not.
A Side-Channel Analysis Resistant Description of the AES S-Box
TLDR
We introduce a new masking countermeasure for the AES algorithm which is not only secure against first-order side-channel attacks, but which also leads to relatively small implementations compared to other masking schemes implemented in dedicated hardware.
Cache Template Attacks: Automating Attacks on Inclusive Last-Level Caches
TLDR
We present a generic approach to exploit cache-based information leakage of any program automatically, without prior knowledge of specific software versions or even specific system information.
DRAMA: Exploiting DRAM Addressing for Cross-CPU Attacks
TLDR
In cloud computing environments, multiple tenants are often co-located on the same multi-processor system.
Rowhammer.js: A Remote Software-Induced Fault Attack in JavaScript
TLDR
We show that it is possible to trigger hardware faults by performing fast cache eviction on all architectures, if the DRAM modules are vulnerable.