中文 English

Security Research Bits


A number of hardware security-related technical papers were presented at the August 2021 USENIX Security Symposium. The organization provides open access research, and the presentation slides and papers are free to the public. Topics include side-channel attacks and defenses, embedded security, hardware security tokens, and more. Here are some highlights with associated links:   [tab... » read more

PTAuth: Temporal Memory Safety via Robust Points-to Authentication


Authors: Reza Mirzazade Farkhani, Mansour Ahmadi, and Long Lu, Northeastern University Abstract: "Temporal memory corruptions are commonly exploited software vulnerabilities that can lead to powerful attacks. Despite significant progress made by decades of research on mitigation techniques, existing countermeasures fall short due to either limited coverage or overly high overhead. Further... » read more

Database Reconstruction from Noisy Volumes: A Cache Side-Channel Attack on SQLite


Authors: Aria Shahverdi, University of Maryland; Mahammad Shirinov, Bilkent University; Dana Dachman-Soled, University of Maryland Abstract: "We demonstrate the feasibility of database reconstruction under a cache side-channel attack on SQLite. Specifically, we present a Flush+Reload attack on SQLite that obtains approximate (or "noisy") volumes of range queries made to a private database... » read more

Automatic Extraction of Secrets from the Transistor Jungle using Laser-Assisted Side-Channel Attacks


Abstract:  "The security of modern electronic devices relies on secret keys stored on secure hardware modules as the root-of-trust (RoT). Extracting those keys would break the security of the entire system. As shown before, sophisticated side-channel analysis (SCA) attacks, using chip failure analysis (FA) techniques, can extract data from on-chip memory cells. However, since the chip's... » read more

On the Design and Misuse of Microcoded (Embedded) Processors — A Cautionary Note


Abstract:  "Today's microprocessors often rely on microcode updates to address issues such as security or functional patches. Unfortunately, microcode update flexibility opens up new attack vectors through malicious microcode alterations. Such attacks share many features with hardware Trojans and have similar devastating consequences for system security. However, due to microcode's opaq... » read more

Usability of Authenticity Checks for Hardware Security Tokens


Abstract:  "The final responsibility to verify whether a newly purchased hardware security token (HST) is authentic and unmodified lies with the end user. However, recently reported attacks on such tokens suggest that users cannot take the security guarantees of their HSTs for granted, even despite widely deployed authenticity checks. We present the first comprehensive market review eva... » read more

Always On, Always At Risk


Always-on devices are everywhere, and each of them is a potential target for hackers. While many people associate always-on devices with smart speakers such as an Amazon Alexa or Google Home, or a connected security camera, that's only one component in a system. There's a broader infrastructure behind those devices. So even if you power down a digital assistant/smart speaker, everything it's... » read more

IChannels: Exploiting Current Management Mechanisms to Create Covert Channels in Modern Processors


Find technical paper link here. Abstract: "To operate efficiently across a wide range of workloads with varying power requirements, a modern processor applies different current management mechanisms, which briefly throttle instruction execution while they adjust voltage and frequency to accommodate for power-hungry instructions (PHIs) in the instruction stream. Doing so 1) reduces the pow... » read more

Building A More Secure SoC


SoC integrators know that a software-only chip security plan leaves devices open to attack. All that a hacker needs to do is find a way to replace key parts of the bootloader or the low-level firmware to compromise other software in the system used to support secure access. The most simple attacks come remotely over a network, and these can be patched with software upgrades. However, we see ... » read more

Protecting Automotive SoCs Starts With Secure IP


The automotive industry is undergoing a significant transformation. Cars are becoming more sophisticated and valuable with increased connectivity and capabilities to provide a better user experience. They are also collecting and transmitting more and more sensitive data and thus are becoming very attractive targets for attacks. Cybercrime in the automotive industry is growing rapidly. How bad i... » read more

← Older posts