Cache Attacks and Rowhammer on ARM

Publikation: StudienabschlussarbeitMasterarbeitForschung

Abstract

In the last years, mobile devices have become the most important personal computing platforms and, thus, it is especially important to protect sensitive information that is stored and processed on these devices. In this thesis, we discuss the applicability of cache attacks and the rowhammer bug on mobile devices. As these attacks have been considered infeasible on ARM-based devices, we demonstrate how to solve key challenges to mount the most powerful cache attacks Prime+Probe, Flush+Reload, Evict+Reload and Flush+Flush and how to induce bit flips. We show the power of these attacks by implementing a high-performance covert-channel, spying on user input and attacking cryptographic algorithms. Finally, we discuss possible countermeasures.
Originalspracheenglisch
Betreuer/-in / Berater/-in
  • Gruß, Daniel, Betreuer
PublikationsstatusVeröffentlicht - 2016

Fingerprint

Mobile devices
Personal computing

Schlagwörter

    Dies zitieren

    Cache Attacks and Rowhammer on ARM. / Lipp, Moritz.

    2016. 105 S.

    Publikation: StudienabschlussarbeitMasterarbeitForschung

    @phdthesis{210e95ddcf0043acb1fa9c00d8525848,
    title = "Cache Attacks and Rowhammer on ARM",
    abstract = "In the last years, mobile devices have become the most important personal computing platforms and, thus, it is especially important to protect sensitive information that is stored and processed on these devices. In this thesis, we discuss the applicability of cache attacks and the rowhammer bug on mobile devices. As these attacks have been considered infeasible on ARM-based devices, we demonstrate how to solve key challenges to mount the most powerful cache attacks Prime+Probe, Flush+Reload, Evict+Reload and Flush+Flush and how to induce bit flips. We show the power of these attacks by implementing a high-performance covert-channel, spying on user input and attacking cryptographic algorithms. Finally, we discuss possible countermeasures.",
    keywords = "side-channel attacks, cache attacks, rowhammer, mobile platforms, arm, prime+probe, flush+reload, evict+reload, flush+flush, Cross-CPU attack",
    author = "Moritz Lipp",
    year = "2016",
    language = "English",

    }

    TY - THES

    T1 - Cache Attacks and Rowhammer on ARM

    AU - Lipp, Moritz

    PY - 2016

    Y1 - 2016

    N2 - In the last years, mobile devices have become the most important personal computing platforms and, thus, it is especially important to protect sensitive information that is stored and processed on these devices. In this thesis, we discuss the applicability of cache attacks and the rowhammer bug on mobile devices. As these attacks have been considered infeasible on ARM-based devices, we demonstrate how to solve key challenges to mount the most powerful cache attacks Prime+Probe, Flush+Reload, Evict+Reload and Flush+Flush and how to induce bit flips. We show the power of these attacks by implementing a high-performance covert-channel, spying on user input and attacking cryptographic algorithms. Finally, we discuss possible countermeasures.

    AB - In the last years, mobile devices have become the most important personal computing platforms and, thus, it is especially important to protect sensitive information that is stored and processed on these devices. In this thesis, we discuss the applicability of cache attacks and the rowhammer bug on mobile devices. As these attacks have been considered infeasible on ARM-based devices, we demonstrate how to solve key challenges to mount the most powerful cache attacks Prime+Probe, Flush+Reload, Evict+Reload and Flush+Flush and how to induce bit flips. We show the power of these attacks by implementing a high-performance covert-channel, spying on user input and attacking cryptographic algorithms. Finally, we discuss possible countermeasures.

    KW - side-channel attacks

    KW - cache attacks

    KW - rowhammer

    KW - mobile platforms

    KW - arm

    KW - prime+probe

    KW - flush+reload

    KW - evict+reload

    KW - flush+flush

    KW - Cross-CPU attack

    M3 - Master's Thesis

    ER -