Questions tagged [side-channel]

A side channel attack is an attack that deduces secret information from environmental observations such as timing or power consumption.

A side channel of system is a way in which the system reveals information indirectly. Side channel attacks can allow attackers to obtain confidential information even when the stored or transmitted message itself is not leaked.

A common class of side channels is timing , where the duration of certain operations reveals information about the data that is being processed. For example, the number of elementary operations in an encryption algorithm may depend on the value of the key; the interval between network packets may be indicative of how much computation was required to generate the packet and thus of the content of the packet.

Other types of side channels include power consumption, electromagnetic radiation, noise, etc.

For questions about side channel attacks on cryptographic algorithms specifically, see also side-channel-attacks on our sister site about cryptography.

86 questions
9
votes
5 answers

Origin of side-channel attacks

What is the origin of side-channel attacks? Is it related to the algorithm or to the implementation? In other words, is the software responsible for the attack or the hardware? Is there a cryptographic algorithm that is resistant to side-channel…
TheGoodUser
  • 849
  • 2
  • 7
  • 13
4
votes
1 answer

Side channel attack on SSD?

I know it is possible to obtain the key from some cryptographic schemes by using side channel attack on hard drive such as noise and magnetic fields. I was wondering if it was possible to use side channel attack on solid state drives? I have yet to…
user153882
  • 773
  • 1
  • 5
  • 14
3
votes
1 answer

Cache side-channels: Prime & Probe attack

I am having trouble to completely understand the Prime & Probe attack: My current understanding is this: Priming phase: The attacker occupies all cache sets with attacker data. Probe phase: The attacker measures access time to figure out which set…
CryptoThomas
  • 31
  • 1
  • 3
0
votes
2 answers

side channel attacks - powered off system with physical access

Can you run Side-Channel-Attacks against a PC which was found properly shutdown and powered off? The attacker knows the cryto-tools used to encrypt the data. The attacker has full and unlimited physical access to the whole system. The system is not…
user3200534
  • 881
  • 10
  • 22
0
votes
1 answer

Why are performance counters not used for cache attacks?

Cache side-channel attacks rely on the capability to observe cache hits/misses for a given set. Usually this is done via timing information, e.g. in flush+reload or prime+probe. Why is the performance monitoring function of CPUs, e.g. the Intel…
0
votes
0 answers

Meltdown/Spectre attack

What concepts should a newbie(someone who doesn't have too much knowledge about computer architecture, user/kernel space, memory etc.) understand if he wants to know how Metldown/Spectre works? I would say : out of order execution user/kernel space…
0
votes
2 answers

Side Channel Signal/Attacks

1) What type of information is leaked through side-channel signals from a laptop? List all types where possible. (i.e. keyboard input? the application used on the computer, like google chrome?) 2) What tools/devices are used to pick up the side…
uzone
  • 1
-2
votes
3 answers

How to mitigate side-channel attacks?

Say I am at my office. I am now trying to talk to my friend with a LUI instant message application. I have a blanket covered over my keyboard, just like Snowden, probably good enough to hide my password. However, there are two problems: Firstly,…
user97093
  • 21
  • 1