Please use this identifier to cite or link to this item: http://hdl.handle.net/2440/108082
Type: Conference paper
Title: Flush+reload: a high resolution, low noise, l3 cache side-channel attack
Author: Yarom, Y.
Falkner, K.
Citation: Proceedings of the 23rd USENIX Security Symposium, 2014 / pp.719-732
Publisher: The USENIX Association
Issue Date: 2014
ISBN: 9781931971157
Conference Name: 23rd USENIX Security Symposium (20 Aug 2014 - 22 Aug 2014 : San Diego, United States)
Statement of
Responsibility: 
Yuval Yarom, Katrina Falkner
Abstract: Sharing memory pages between non-trusting processes is a common method of reducing the memory footprint of multi-tenanted systems. In this paper we demonstrate that, due to a weakness in the Intel X86 processors, page sharing exposes processes to information leaks. We present FLUSH+RELOAD, a cache side-channel attack technique that exploits this weakness to monitor access to memory lines in shared pages. Unlike previous cache side-channel attacks, FLUSH+RELOAD targets the Last- Level Cache (i.e. L3 on processors with three cache levels). Consequently, the attack program and the victim do not need to share the execution core. We demonstrate the efficacy of the FLUSH+RELOAD attack by using it to extract the private encryption keys from a victim program running GnuPG 1.4.13. We tested the attack both between two unrelated processes in a single operating system and between processes running in separate virtual machines. On average, the attack is able to recover 96.7% of the bits of the secret key by observing a single signature or decryption round.
Rights: © 2014 by The USENIX Association All Rights Reserved
RMID: 0030027196
Published version: https://www.usenix.org/conference/usenixsecurity14/technical-sessions/presentation/yarom
Appears in Collections:Computer Science publications

Files in This Item:
File Description SizeFormat 
RA_hdl_108082.pdfRestricted Access325.71 kBAdobe PDFView/Open


Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.