• Publications
  • Influence
FLUSH+RELOAD: A High Resolution, Low Noise, L3 Cache Side-Channel Attack
This paper presents FLUSH+RELOAD, a cache side-channel attack technique that exploits a weakness in the Intel X86 processors to monitor access to memory lines in shared pages and recovers 96.7% of the bits of the secret key by observing a single signature or decryption round.
Spectre Attacks: Exploiting Speculative Execution
This paper describes practical attacks that combine methodology from side channel attacks, fault attacks, and return-oriented programming that can read arbitrary memory from the victim's process that violate the security assumptions underpinning numerous software security mechanisms.
Last-Level Cache Side-Channel Attacks are Practical
This work presents an effective implementation of the Prime+Probe side-channel attack against the last-level cache of GnuPG, and achieves a high attack resolution without relying on weaknesses in the OS or virtual machine monitor or on sharing memory between attacker and victim.
Meltdown: Reading Kernel Memory from User Space
It is shown that the KAISER defense mechanism for KASLR has the important (but inadvertent) side effect of impeding Meltdown, which breaks all security guarantees provided by address space isolation as well as paravirtualized environments.
Foreshadow: Extracting the Keys to the Intel SGX Kingdom with Transient Out-of-Order Execution
This work presents Foreshadow, a practical software-only microarchitectural attack that decisively dismantles the security objectives of current SGX implementations and develops a novel exploitation methodology to reliably leak plaintext enclave secrets from the CPU cache.
It is shown that the KAISER defense mechanism for KASLR has the important (but inadvertent) side effect of impeding Meltdown, which enables an adversary to read memory of other processes or virtual machines in the cloud without any permissions or privileges.
CATalyst: Defeating last-level cache side channel attacks in cloud computing
  • F. Liu, Qian Ge, R. Lee
  • Computer Science
    IEEE International Symposium on High Performance…
  • 12 March 2016
CATalyst, a pseudo-locking mechanism which uses CAT to partition the LLC into a hybrid hardware-software managed cache, is presented, and it is shown that LLC side channel attacks can be defeated.
Another Flip in the Wall of Rowhammer Defenses
Novel Rowhammer attack and exploitation primitives are presented, showing that even a combination of all defenses is ineffective, and a new attack technique, one-location hammering, breaks previous assumptions on requirements for triggering the Rowhammer bug.
"Ooh Aah... Just a Little Bit" : A Small Amount of Side Channel Can Go a Long Way
This work applies the Flush+Reload side-channel attack based on cache hits/misses to extract a small amount of data from OpenSSL ECDSA signature requests and shows that with as little as 200 signatures the authors are able to achieve a reasonable level of success in recovering the secret key for a 256-bit curve.
CacheBleed: a timing attack on OpenSSL constant-time RSA
It is shown that scatter-gather is not constant time, and a cache timing attack against the scatter–gather implementation used in the modular exponentiation routine in OpenSSL version 1.0.2f is implemented.