Collaborate Disseminate
I’m a student currently studying molecular dynamics(MD). Molecular dynamics is a tool in computational chemistry that simulates a rather large set of atoms to predict the outcome of a system. Quite a while ago I thought about simulating a … Continue reading Molecular dynamics for preventing side-channel attacks [closed]
About timing my question is:
How can attack know the time of which certain instructions are performed by the victim?
And about the cache, how can attacker know which cache line is being accessed by the victim? Is this doable in "norma… Continue reading How can a timing/cache side-channel attack be performed? How can attack know the time of which certain instructions are performed by the victim?
I have an application with a shared secret. This application runs as my user. However, Linux has the /proc directory, and particularly /proc/{pid}/mem and /proc/{pid}/maps. Any process created with my user id can access this, and I do no… Continue reading Is it possible to hide a secret value from my own processes on Linux?
Funny things can happen when a security researcher and an electronics engineer specializing in high-speed circuits get together. At least they did when [Limpkin] met [Roman], which resulted in two …read more Continue reading Current-Based Side-Channel Attacks, Two Ways
I’d like to test cryptographic implementations in FPGA against power analysis. Not being all that handy with hardware and such, I’m looking for an easy solution. What I’ve come across thus far:
ChipWhisper (https://www.newae.com/chipwhi… Continue reading Simple setups for side-channel analysis
Section 3.2.3 of the Fetch standard provides some guidance about how servers can/should handle preflight requests.
A successful HTTP response, i.e., one where the server developer intends to share it, to a CORS request can use any status,… Continue reading Are timing-based side-channel attacks against the server during CORS preflight a legitimate concern?
Referring to Introduction to differential power analysis (Paul Kocher, Joshua Jaffe, Benjamin Jun, Pankaj Rohatgi)
[…]
Because the amount of power used by a device is influenced by the data being processed, power consumption measurement… Continue reading How can differential power analysis (DPA) still work without "sufficient" measurement resolution?
The question is mainly stated in the title. I was wondering what kind of attacks can be launched on such a setup, where someone has access to a running OS with locked screen (needs password for the user to enter). One possibility I can thi… Continue reading What type of attacks can be carried against an OS with FDE, if we assume OS and FDE are implemented correctly?
Here on Hackaday, we routinely cover wonderful informative writeups on different areas of hardware hacking, and we even have our own university with courses that delve into topics one by …read more Continue reading Books You Should Read: The Hardware Hacker’s Handbook
I wonder why certification (common criteria and stuff like that) of security critical hardware that is meant to be used in datacenters (e.g. link encryptors) includes some tests related to TEMPEST attacks.
It seems to me that the actual te… Continue reading Why does certification for datacenter equipment test for TEMPEST?