Physical key extraction attacks on PCs

Daniel Genkin, Lev Pachmanov, Itamar Pipman, Adi Shamir, Eran Tromer

Research output: Contribution to journalArticlepeer-review

37 Scopus citations

Abstract

CRYPTOGRAPHY IS UBIQUITOUS. Secure websites and financial, personal communication, corporate, and national secrets all depend on cryptographic algorithms operating correctly. Builders of cryptographic systems have learned (often the hard way) to devise algorithms and protocols with sound theoretical analysis, write software that implements them correctly, and robustly integrate them with the surrounding applications. Consequentially, direct attacks against state-of-the-art cryptographic software are getting increasingly difficult. For attackers, ramming the gates of cryptography is not the only option. They can instead undermine the fortification by violating basic assumptions made by the cryptographic software. One such assumption is software can control its outputs. Our programming courses explain that programs produce their outputs through designated interfaces (whether print, write, send, or mmap); so, to keep a secret, the software just Copyright held by authors.

Original languageEnglish
Pages (from-to)70-79
Number of pages10
JournalCommunications of the ACM
Volume59
Issue number6
DOIs
StatePublished - Jun 2016

Fingerprint

Dive into the research topics of 'Physical key extraction attacks on PCs'. Together they form a unique fingerprint.

Cite this