Alejandro Cabrera Aldaya
HyperDegrade Proof-of-Concept
Summary: This document is for reproducing one of the research results from the paper "HyperDegrade: From GHz to MHz Effective CPU Frequencies", to appear at the 31st USENIX Security Symposium (USENIX Sec 2022). It is for reproducing the res…
Online Template Attacks: Revisited - PoC
Intro: This PoC simulates an Online Template Attack against wolfSSL v4.4.0 side-channel protected ECC scalar multiplication implementation. It demonstrates the feasibility of one of the attacks carried out in the paper Online Template Attacks:…
HyperDegrade: From GHz to MHz Effective CPU Frequencies
Performance degradation techniques are an important complement to side-channel attacks. In this work, we propose HyperDegrade -- a combination of previous approaches and the use of simultaneous multithreading (SMT) architectures. In additi…
CVE-2020-12399: research data and tooling
This dataset and software tools are for reproducing the research results related to CVE-2020-12399, resulting from the manuscript "Déjà vu: Side-channel analysis of Mozilla's NSS", to appear at ACM CCS 2020. The data is from a remote timin…
Microarchitecture Online Template Attacks
Online template attack (OTA) is a powerful technique previously used to attack elliptic curve scalar multiplication algorithms. This attack has been only analyzed in the realm of power-consumption and EM side-channels, where the signals le…
From A to Z: Projective coordinates leakage in the wild
At EUROCRYPT 2004, Naccache et al. showed that the projective coordinates representation of the resulting point of an elliptic curve scalar multiplication potentially allows to recover some bits of the scalar. However, this attack has rece…
From A to Z: Projective coordinates leakage in the wild: research data and tooling
Description: This dataset and software tool are for reproducing the research results related to CVE-2020-10932 and CVE-2020-11735, resulting from the article "From A to Z: Projective coordinates leakage in the wild" (to appear at CHES 2020)…
CVE-2019-1547: research data and tooling
This dataset and software tool are for reproducing the research results related to CVE-2019-1547, resulting from the manuscript "Certified Side Channels". The data was used to produce Figure 4 in the paper and is part of the remote timing …
When one vulnerable primitive turns viral: Novel single-trace attacks on ECDSA and RSA
Microarchitecture based side-channel attacks are common threats nowadays. Intel SGX technology provides a strong isolation from an adversarial OS, however, does not guarantee protection against side-channel attacks. In this paper, we analy…
CVE-2019-18222: research data and tooling
This dataset and software tool are for reproducing the research results related to CVE-2019-18222. Description: enum contains the key enumeration tool. kt_candidates contains the JSON for blinded nonce candidates, indexed by trial number. J…
Certified Side Channels
We demonstrate that the format in which private keys are persisted impacts Side Channel Analysis (SCA) security. Surveying several widely deployed software libraries, we investigate the formats they support, how they parse these keys, and …
Cache-Timing Attacks on RSA Key Generation
During the last decade, constant-time cryptographic software has quickly transitioned from an academic construct to a concrete security requirement for real-world libraries. Most of OpenSSL’s constant-time code paths are driven by cryptosy…
Port Contention for Fun and Profit
Simultaneous Multithreading (SMT) architectures are attractive targets for side-channel enabled attackers, with their inherently broader attack surface that exposes more per physical core microarchitecture components than cross-core attack…
Side‐channel analysis of the modular inversion step in the RSA key generation algorithm
Summary: This paper studies the security of the RSA key generation algorithm with regard to side‐channel analysis and presents a novel approach that targets the simple power analysis (SPA) vulnerabilities that may exist in an implementation…