Side Channel Attacks Flashcards
How can run time be used to perform an attack?
Code may be comparing inputted value to a secret value, where the more of the inputted value is correct, the longer the comparison takes. Secret value can be brute force by trying every possible value for the first part of the inputted value, and finding the value that takes the longest to finish comparing. Repeat this to get the whole value.
How can you protect against a run time attack?
Make any comparison functions take a constant amount of time.
How can power consumption be used to perform an attack?
Different operations use different amount of power. Therefore, if program has branches, you can see which branch the program has taken based on the power consumption.
How can you prevent a power consumption attack?
Remove branches from the program, so that it always performs the same operations no matter the input.
What is transient execution?
Lines of a program can be executed in parallel if they are do not require the result from another instruction. If there is an error or change in branch, the state of the program is rolled back. This can include loading data into cache which the program shouldn’t have access to, but only realises this after it has been loaded into cache. The state of the cache does not get rolled back.