Side-Channel Attacks
29 Flashcards
Optical Attack
Optical attacks involve collecting information from light emissions generated by a device. Example: Capturing the LED blink patterns of a router or a switch to infer activity or data being processed.
Correlation Electromagnetic Analysis (CEMA)
CEMA correlates the electromagnetic emissions with specific cryptographic operations to deduce keys. Example: Using a high-resolution EM probe to measure emissions during key generation and using statistical correlation to infer the encryption key.
Microarchitectural Attack
These attacks exploit specific hardware processor designs to gain information about software processes. Example: Using techniques like Meltdown or Spectre to exploit CPU vulnerabilities and access sensitive data in memory.
Acoustic Cryptanalysis
Acoustic cryptanalysis involves analyzing sounds emitted by a device to gain knowledge about the cryptographic keys or operations. Example: Using a high-sensitivity microphone to capture the sounds of a computer's CPU to analyze and extract encryption keys.
Electromagnetic Attack
This attack relies on capturing electromagnetic emissions from a cryptographic device and using them to extract confidential data. Example: Using a small antenna to pick up EM emissions from a device to deduce encryption keys.
Cache Attack
Cache attacks exploit information gained from the cache access patterns. An attacker could monitor the cache accesses made by a program to infer data or cryptographic keys. Example: A cache timing attack where an attacker measures the time taken to perform certain cryptographic operations to determine if a particular cache line was accessed or not.
Timing Attack
Timing attacks involve measuring the time taken to execute cryptographic algorithms. An attacker could use these measurements to infer the secret key. Example: Observing how long it takes to decrypt messages to deduce a private RSA key.
Software-based Cache Attack
Software-based cache attacks focus on using software to analyze cache behavior and deduce information. Example: Leveraging a spy program running on the same CPU to track access patterns and timings for cache hits and misses.
Rowhammer Attack
Rowhammer is a type of side-channel attack that exploits the physical properties of memory chips to alter data. Example: Repeatedly accessing memory rows to cause a bit flip in an adjacent row, potentially leading to privilege escalation on a system.
Network Traffic Analysis
By analyzing patterns in network traffic, one can infer information about what is being transmitted. Example: Observing the size and timing of encrypted packets to determine the type of content being transmitted, even if the content itself is encrypted.
Fault Injection Attack
Fault injection attacks intentionally induce computing errors in order to extract data or bypass security. Example: Glitching the power supply to a cryptographic processor to induce temporary malfunctions during encryption that reveal key information.
Simple Power Analysis (SPA)
Simple Power Analysis observes the power consumption patterns of a single cryptographic operation. Example: Analyzing how simple operations, like key loading, affect power consumption to compromise a cryptographic algorithm.
Van Eck Phreaking
Van Eck phreaking involves capturing electromagnetic signals to recreate the display output of a device remotely. Example: Using specialized equipment to capture electromagnetic emissions from a computer monitor to reconstruct the displayed information without physical access.
Meltdown Attack
Meltdown breaks the isolation between user applications and the operating system, allowing access to memory. Example: Exploiting out-of-order execution to access arbitrary system memory and potentially read sensitive data.
Transaction Memory Side-Channel Attack
This attack exploits transactional memory systems to gain sensitive data through shared multi-threaded operations. Example: Monitoring the transaction failures in a multi-threaded application to infer locks in shared resources, thereby gaining information about the timing and values of other transactions.
Power Analysis Attack
Power analysis attacks are based on monitoring the power consumption patterns of a device while it processes cryptographic operations. Example: Using a Differential Power Analysis (DPA) attack to find the secret key of a hardware encryption device by analyzing power consumption traces.
Crypto-Processor Bug Exploitation
Attackers exploit bugs in crypto-processors to extract keys or compromise operations. Example: Using a known vulnerability in a cryptographic library implementation on a crypto-processor to gain unintended access.
Memory Bus Monitoring
Memory bus monitoring involves analyzing the data traffic between CPU and memory to infer sensitive information. Example: Using physical probes or logic analyzers to capture the signals on a memory bus during cryptographic operations.
Biometric Side-Channel Attack
These attacks gather residual biometric data or infer biometric patterns through side channels. Example: Extracting fingerprints from the residue left on a biometric scanner or inferring typing patterns through motion sensors to gain unauthorized access.
Cache-Timing Attack
Cache-timing attacks measure the time it takes for an algorithm to execute tasks involving cached data. Example: Measuring access time variations to deduce the activity of a cryptographic function, like AES.
Side-Channel Attacks in Cloud Computing
These attacks take advantage of multi-tenant environments to extract data from co-located instances. Example: An attacker renting a virtual machine on the same physical host as the target to extract data via shared resources, like the CPU cache.
Thermal Attack
Thermal attacks analyze the heat dissipation patterns of a device performing cryptographic operations. Example: Using a thermal camera to capture the temperature distribution on a chip while processing cryptographic operations to extract keys.
Differential Fault Analysis (DFA)
DFA involves inducing faults in cryptographic algorithms and observing the different outputs to deduce information about the cryptographic keys. Example: Deliberately causing faults in a device while it performs encryption to extract the keys through the errors.
Statistical Timing Attack
This attack uses statistical analysis on the timing information of cryptographic operations to deduce key bits. Example: Observing decryption or signing times over many operations to statistically infer the private RSA key.
Data Remanence Attack
Data remanence attacks recover data from memory that was not properly erased. Example: Cooling down DRAM to read residual data left after a device is turned off to recover encryption keys.
Reflection Attack
Reflection attacks involve tricking a cryptosystem into decrypting its own ciphertexts. Example: Manipulating a cryptographic protocol to use its response to one operation as input to another, potentially revealing key information in a poorly implemented system.
Laser Fault Injection
This attack uses laser beams to induce faults into a cryptographic system. Example: Focusing a laser on certain parts of a microchip during cryptographic computations to induce errors that help reverse-engineer the encryption.
Keyboard Acoustic Emanations
This attack captures the sound of keystrokes to infer typed information. Example: Using audio recordings of keystrokes to figure out passwords or other sensitive input through sound analysis.
Spectre Attack
Spectre exploits speculative execution in CPUs to leak sensitive information. Example: Tricking a processor into executing a sequence of instructions that leave secret data in an accessible CPU cache.
© Hypatia.Tech. 2024 All rights reserved.