HomeЛюди и блогиRelated VideosMore From: Black Hat

Side-Channel Attacks on Everyday Applications

131 ratings | 9290 views
by Taylor Hornby In 2013, Yuval Yarom and Katrina Falkner discovered the FLUSH+RELOAD L3 cache side-channel. So far it has broken numerous implementations of cryptography including, notably, the AES and ECDSA in OpenSSL and the RSA GnuPG. Given FLUSH+RELOAD's astounding success at breaking cryptography, we're lead to wonder if it can be applied more broadly, to leak useful information out of regular applications like text editors and web browsers whose main functions are not cryptography. In this talk, I'll briefly describe how the FLUSH+RELOAD attack works, and how it can be used to build input distinguishing attacks. In particular, I'll demonstrate how when the user Alice browses around the top 100 Wikipedia pages, the user Bob can spy on which of those pages she's visiting. This isn't an earth-shattering attack, but as the code I'm releasing shows, it can be implemented reliably. My goal is to convince the community that side channels, FLUSH+RELOAD in particular, are useful for more than just breaking cryptography. The code I'm releasing is a starting point for developing better attacks. If you have access to a vulnerable CPU running a suitable OS, you should be able to reproduce the attack within minutes after watching the talk and downloading the code.
Html code for embedding videos on your blog
Text Comments (4)
Opinion Discarded (2 months ago)
Is Qubes OS kill?
JEAN PIERRE 1 (6 months ago)
HI i have a kind of what you call a remote controlled computer i dont know it can transmit a lot of data remotely without my wifi and bluetooth card but it looks like the badbios i have the same problem on my iphone and mac book air and laptop on windows it is real and invisible to me from the system
Nathan Smith (7 months ago)
it's weird how much I'd prefer him to pronounce flush + reload as "flush & reload" instead of "flush, plus, reload" :|
Nithin Bharadwaj (10 months ago)
@Taylor Hornby - The light bulb reference at 10:30, Could you please advise if its an analogy to identify when Alice would run the BAR and the BAZ functions?

Would you like to comment?

Join YouTube for a free account, or sign in if you are already a member.