Stack Overflow
Stack Overflow

Questions tagged [side-channel-attacks]

This should apply to a exploitation and defense against side channel attacks such as timing base attack and cache side-channel attack

From Wikipedia:

In computer security, a side-channel attack is any attack based on information gained from the implementation of a computer system, rather than weaknesses in the implemented algorithm itself (e.g. cryptanalysis and software bugs).

20 questions
0
votes
1 answer

How to experience cache miss and hits in Linux system?

Hello I've been trying to experience cache miss and hits in Linux. To do so, I've done a program in C, where I mesure the time in CPU cycle to do the instruction printf(). The first part mesure the time needed for a miss and the second one for a…
Scalinsa
  • 1
0
votes
0 answers

Is there a way to map two variables to same cache set in ARM?

I have been trying to implement a Cache Side Channel attack on ARM. Since ARM doesn't have any instruction or function (similar to cflush) defined to flush the cache contents, I am trying to achieve this by Evict+Reload method. This method requires…
Balvansh Heerekar
  • 85
  • 1
  • 13
0
votes
1 answer

Python library or technique to defend against timing side channel attack

Consider a login API entry point that gets a username and a password. The password is securely hashed and salted, and following a proper practice we return an identical response either if the username doesn't exists or the password is incorrect. def…
Chen Levy
  • 15,438
  • 17
  • 74
  • 92
0
votes
2 answers

C++ benchmarking, volatile

I'm trying to measure how long it takes to execute a function 'check()' using rdtsc as follows: a = rdtsc(); check(pw); b = rdtsc(); return (b-a); However, I am receiving very small time differences, which I think is due to my compiler (using G++,…
Harry Budd
  • 17
  • 4
-1
votes
1 answer

How to have precise time in python for timing attacks?

I'd like to know why python gives me two different times when I re-order the two nested for loops. The difference is that significant that causes inaccurate results. This one almost gives me the result I expect to see: for i in range(20000): …
D J
  • 23
  • 3
1
2