Protecting Elliptic Curve Cryptography Against Memory Disclosure Attacks | |
Yang, Yang ; Guan, Zhi ; Liu, Zhe ; Chen, Zhong | |
2015 | |
Keywords | Elliptic curve cryptography; Efficient implementation; Memory disclosure attack; Cold boot attack; AVX; CLMUL; BITS |
Abstract | In recent years, memory disclosure attacks, such as cold boot attack and DMA attack, have posed huge threats to cryptographic applications in real world. In this paper, we present a CPU-bounded memory disclosure attacks resistant yet efficient software implementation of elliptic curves cryptography on general purpose processors. Our implementation performs scalar multiplication using CPU registers only in kernel level atomically to prevent the secret key and intermediate data from leaking into memory. Debug registers are used to hold the private key, and kernel is patched to restrict access to debug registers. We take full advantage of the AVX and CLMUL instruction sets to speed up the implementation. When evaluating the proposed implementation on an Intel i7-2600 processor (at a frequency of 3.4GHz), a full scalar multiplication over binary fields for key length of 163 bits only requires 129 μs, which outperforms the unprotected implementation in the well known OpenSSL library by a factor of 78.0%. Furthermore, our work is also flexible for typical Linux applications. To the best of our knowledge, this is the first practical ECC implementation which is resistant against memory disclosure attacks so far.; EI; CPCI-S(ISTP); yangyang@infosec.pku.edu.cn; guanzhi@infosec.pku.edu.cn; zhe.liu@uni.lu; chen@infosec.pku.edu.cn; 49-60; 8958 |
Language | English |
Source | INFORMATION AND COMMUNICATIONS SECURITY, ICICS 2014 |
DOI | 10.1007/978-3-319-21966-0_4 |
Content type | Other |
Source URL | [http://ir.pku.edu.cn/handle/20.500.11897/423594] |
Collection | School of Information Science and Technology |
Recommended citation (GB/T 7714) | Yang, Yang,Guan, Zhi,Liu, Zhe,et al. Protecting Elliptic Curve Cryptography Against Memory Disclosure Attacks. 2015-01-01. |