[Cryptography] 33C3: cash :-) attacks !
Kevin W. Wall
kevin.w.wall at gmail.com
Mon Jan 9 19:29:05 EST 2017
On Sun, Jan 8, 2017 at 2:27 PM, Henry Baker <hbaker1 at pipeline.com> wrote:
> FYI --
>
> https://media.ccc.de/v/33c3-8044-what_could_possibly_go_wrong_with_insert_x86_instruction_here
>
> https://cdn.media.ccc.de/congress/2016/h264-hd/33c3-8044-eng-What_could_possibly_go_wrong_with_insert_x86_instruction_here.mp4
>
> (55 mins; 327 MBytes)
>
> "What could possibly go wrong with <insert x86 instruction here>?
> Side effects include side-channel attacks and bypassing kernel ASLR"
>
> Clémentine Maurice and Moritz Lipp
So I just finished watching this. My initial thought is that between
this, rowhammer, FBI Rule 41, and NSLs, we are all pretty much screwed
as TLAs and nation states are pretty much always going to be able to
do this.
It still seems like a pretty esoteric attack that is unlikely to be most
attacker's _first_ choice, but as I don't see any simple mitigation for this--
short of disabling cache, which no one is likely to do except in very
rare cases--it seems like this is always going to be available as a last
resort and AV is not going to be able to detect it.
So what, if anything, do we do? Timing attacks are rare IRL, but
usually that's because there's almost always some easier way in. Since
I work in appsec, I'm always more interested in what we can do to
manage the risk. Any ideas?
-kevin
--
Blog: http://off-the-wall-security.blogspot.com/ | Twitter: @KevinWWall
NSA: All your crypto bit are belong to us.
More information about the cryptography
mailing list