[openpgp] Flush+Reload: a High Resolution, Low Noise, L3 Cache Side-Channel Attack

ianG <iang@iang.org> Fri, 26 July 2013 08:00 UTC

Return-Path: <iang@iang.org>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id E196D21F8A53 for <openpgp@ietfa.amsl.com>; Fri, 26 Jul 2013 01:00:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, J_CHICKENPOX_56=0.6]
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id jbX8iO2j13JG for <openpgp@ietfa.amsl.com>; Fri, 26 Jul 2013 00:59:57 -0700 (PDT)
Received: from virulha.pair.com (virulha.pair.com []) by ietfa.amsl.com (Postfix) with ESMTP id AD6B221F8934 for <openpgp@ietf.org>; Fri, 26 Jul 2013 00:59:57 -0700 (PDT)
Received: from tormenta.local (www2.futureware.at []) by virulha.pair.com (Postfix) with ESMTPSA id DB5196D48B; Fri, 26 Jul 2013 03:59:50 -0400 (EDT)
Message-ID: <51F22C78.3070300@iang.org>
Date: Fri, 26 Jul 2013 10:59:52 +0300
From: ianG <iang@iang.org>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:17.0) Gecko/20130620 Thunderbird/17.0.7
MIME-Version: 1.0
To: openpgp@ietf.org
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Subject: [openpgp] Flush+Reload: a High Resolution, Low Noise, L3 Cache Side-Channel Attack
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/openpgp>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 26 Jul 2013 08:00:02 -0000

might be of some interest, h/t to Jeff Walton:

---------- Forwarded message ----------
From: Hurgel Bumpf <l0rd_lunatic@yahoo.com>;
Date: Fri, Jul 26, 2013 at 2:31 AM
Subject: [Full-disclosure] Flush+Reload: a High Resolution, Low Noise,
L3 Cache Side-Channel Attack
To: "full-disclosure@lists.grok.org.uk"; <full-disclosure@lists.grok.org.uk>;

Just found this online.. might be of interest

Abstract: Flush+Reload  is a cache side-channel attack that
monitors access to data in shared pages. In this paper we demonstrate
how to use the  attack to extract private encryption keys from GnuPG.
The high resolution and low noise of the Flush+Reload attack enables a
spy program to recover over 98% of the bits of the private key in a
single decryption or signing round. Unlike previous attacks, the attack
targets the last level L3 cache. Consequently, the spy program and the
victim do not need to share the execution core of the CPU. The attack
is not limited to a traditional OS and can be used in a virtualised
environment, where it can attack programs executing in a different VM.

Category / Keywords: Side Channel Attack, Cache, RSA, Exponentiation

Date: received 18 Jul 2013

By: Yuval Yarom and Katrina Falkner


Direct PDF: http://eprint.iacr.org/2013/448.pdf


Have a nice Friday,
Bonan the bavarian

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/