Cache Side-Channel Attacks Through Electromagnetic Emanations of DRAM Accesses

Julien Maillard; Julien Maillard; Thomas Hiscock; Maxime Lecomte; Christophe Clavier

Research.Publish.Connect.

*Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Country:
Subject:

Advanced Search Affiliations Search

If you're looking for an exact phrase use quotation marks on text fields.

Proceedings

Proceedings Search *Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

Papers

Papers Search *Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

Authors

Authors Search *Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

Advanced Search

Paper

Cache Side-Channel Attacks Through Electromagnetic Emanations of DRAM Accesses

Topics: IoT Security and Privacy; Security and Privacy in Mobile Systems

In Proceedings of the 21st International Conference on Security and Cryptography SECRYPT - Volume 1, 262-273, 2024 , Dijon, France

Authors: Julien Maillard ^{1

;

2} ; Thomas Hiscock ¹ ; Maxime Lecomte ¹ and Christophe Clavier ²

Affiliations: ¹ Univ. Grenoble Alpes, CEA-LETI, Minatec Campus, f-38054 Grenoble, France ; ² Univ. Limoges, XLIM-MATHIS, Limoges, France

Keyword(s): Side-Channel Attack, Micro-Architectural Attack, TrustZone, System-on-Chip.

Abstract: Remote side-channel attacks on processors exploit hardware and micro-architectural effects observable from software measurements. So far, the analysis of micro-architectural leakages over physical side-channels (power consumption, electromagnetic field) received little treatment. In this paper, we argue that those attacks are a serious threat, especially against systems such as smartphones and Internet-of-Things (IoT) devices which are physically exposed to the end-user. Namely, we show that the observation of Dynamic Random Access Memory (DRAM) accesses with an electromagnetic (EM) probe constitutes a reliable alternative to time measurements in cache side-channel attacks. We describe the EVICT+EM attack, that allows recovering a full AES key on a T-Tables implementation with similar number of encryptions than state-of-the-art EVICT+RELOAD attacks on the studied ARM platforms. This new attack paradigm removes the need for shared memory and exploits EM radiations instead of hi gh precision timers. Then, we introduce PRIME+EM, which goal is to reverse-engineer cache usage patterns of applications. This attack allows to recover the layout of lookup tables within the cache. Finally, we present COLLISION+EM, a collision-based attack on a Systemon-chip (SoC) that does not require malicious code execution, and show its practical efficiency in recovering key material on an ARM TrustZone application. Those results show that physical observation of the microarchitecture can lead to improved attacks. (More)

CC BY-NC-ND 4.0

Guest: Register as new SciTePress user now for free.

SciTePress user: please login.

My Papers

You are not signed in, therefore limits apply to your IP address 3.142.130.174

In the current month:

Recent papers: 100 available of 100 total

2⁺ years older papers: 200 available of 200 total

Paper citation in several formats:

Maillard, J., Hiscock, T., Lecomte, M. and Clavier, C. (2024). Cache Side-Channel Attacks Through Electromagnetic Emanations of DRAM Accesses. In Proceedings of the 21st International Conference on Security and Cryptography - SECRYPT; ISBN 978-989-758-709-2; ISSN 2184-7711, SciTePress, pages 262-273. DOI: 10.5220/0012813200003767

@conference{secrypt24,
author={Julien Maillard and Thomas Hiscock and Maxime Lecomte and Christophe Clavier},
title={Cache Side-Channel Attacks Through Electromagnetic Emanations of DRAM Accesses},
booktitle={Proceedings of the 21st International Conference on Security and Cryptography - SECRYPT},
year={2024},
pages={262-273},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0012813200003767},
isbn={978-989-758-709-2},
issn={2184-7711},
}

TY - CONF

JO - Proceedings of the 21st International Conference on Security and Cryptography - SECRYPT
TI - Cache Side-Channel Attacks Through Electromagnetic Emanations of DRAM Accesses
SN - 978-989-758-709-2
IS - 2184-7711
AU - Maillard, J.
AU - Hiscock, T.
AU - Lecomte, M.
AU - Clavier, C.
PY - 2024
SP - 262
EP - 273
DO - 10.5220/0012813200003767
PB - SciTePress