1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
|
@article{cap,
author = {Gilbert, Seth and Lynch, Nancy},
title = {Brewer's Conjecture and the Feasibility of Consistent, Available, Partition-Tolerant Web Services},
year = {2002},
issue_date = {June 2002},
publisher = {Association for Computing Machinery},
address = {New York, NY, USA},
volume = {33},
number = {2},
issn = {0163-5700},
url = {https://doi.org/10.1145/564585.564601},
doi = {10.1145/564585.564601},
abstract = {When designing distributed web services, there are three properties that are commonly desired: consistency, availability, and partition tolerance. It is impossible to achieve all three. In this note, we prove this conjecture in the asynchronous network model, and then discuss solutions to this dilemma in the partially synchronous model.},
journal = {SIGACT News},
month = jun,
pages = {51–59},
numpages = {9}
}
@misc{christodorescu2020twotier,
title={Towards a Two-Tier Hierarchical Infrastructure: An Offline Payment System for Central Bank Digital Currencies},
author={Mihai Christodorescu and Wanyun Catherine Gu and Ranjit Kumaresan and Mohsen Minaei and Mustafa Ozdayi and Benjamin Price and Srinivasan Raghuraman and Muhammad Saad and Cuy Sheffield and Minghua Xu and Mahdi Zamani},
year={2020},
eprint={2012.08003},
archivePrefix={arXiv},
primaryClass={cs.CR}
}
@InProceedings{chaum1988offine,
author="Chaum, David
and Fiat, Amos
and Naor, Moni",
editor="Goldwasser, Shafi",
title="Untraceable Electronic Cash",
booktitle="Advances in Cryptology --- CRYPTO' 88",
year="1990",
publisher="Springer New York",
address="New York, NY",
pages="319--327",
abstract="The use of credit cards today is an act of faith on the p a t of all concerned. Each party is vulnerable to fraud by the others, and the cardholder in particular has no protection against surveillance.",
isbn="978-0-387-34799-8"
}
@Article{calhoun2019puf,
AUTHOR = {Calhoun, Jeff and Minwalla, Cyrus and Helmich, Charles and Saqib, Fareena and Che, Wenjie and Plusquellic, Jim},
TITLE = {Physical Unclonable Function (PUF)-Based e-Cash Transaction Protocol (PUF-Cash)},
JOURNAL = {Cryptography},
VOLUME = {3},
YEAR = {2019},
NUMBER = {3},
ARTICLE-NUMBER = {18},
URL = {https://www.mdpi.com/2410-387X/3/3/18},
ISSN = {2410-387X},
DOI = {10.3390/cryptography3030018}
}
@misc{ecb2020digitaleuro,
title = {Report on a digital euro},
year = {2020},
month = {October},
howpublished = {\url{https://www.ecb.europa.eu/pub/pdf/other/Report_on_a_digital_euro~4d7268b458.en.pdf}},
}
@misc{chaum2021issue,
title={How to Issue a Central Bank Digital Currency},
author={David Chaum and Christian Grothoff and Thomas Moser},
year={2021},
eprint={2103.00254},
archivePrefix={arXiv},
primaryClass={econ.GN}
}
@inproceedings{chaum1988untraceable,
title={Untraceable electronic cash},
author={Chaum, David and Fiat, Amos and Naor, Moni},
booktitle={Conference on the Theory and Application of Cryptography},
pages={319--327},
year={1988},
organization={Springer}
}
@INPROCEEDINGS{samsung2017knox,
author={M. {Dorjmyagmar} and M. {Kim} and H. {Kim}},
booktitle={2017 19th International Conference on Advanced Communication Technology (ICACT)},
title={Security analysis of Samsung Knox},
year={2017},
volume={},
number={},
pages={550-553},
doi={10.23919/ICACT.2017.7890150}}
@INPROCEEDINGS{arm2016alias,
author={R. {Guanciale} and H. {Nemati} and C. {Baumann} and M. {Dam}},
booktitle={2016 IEEE Symposium on Security and Privacy (SP)},
title={Cache Storage Channels: Alias-Driven Attacks and Verified Countermeasures},
year={2016},
volume={},
number={},
pages={38-55},
abstract={Caches pose a significant challenge to formal proofs of security
for code executing on application processors, as the cache
access pattern of security-critical services may leak secret
information. This paper reveals a novel attack vector,
exposing a low-noise cache storage channel that can be
exploited by adapting well-known timing channel analysis
techniques. The vector can also be used to attack various
types of security-critical software such as hypervisors and
application security monitors. The attack vector uses
virtual aliases with mismatched memory attributes and
self-modifying code to misconfigure the memory system,
allowing an attacker to place incoherent copies of the same
physical address into the caches and observe which addresses
are stored in different levels of cache. We design and
implement three different attacks using the new vector on
trusted services and report on the discovery of an 128-bit
key from an AES encryption service running in TrustZone on
Raspberry Pi 2. Moreover, we subvert the integrity
properties of an ARMv7 hypervisor that was formally verified
against a cache-less model. We evaluate well-known
countermeasures against the new attack vector and propose a
verification methodology that allows to formally prove the
effectiveness of defence mechanisms on the binary code of
the trusted software.},
keywords={Security;Cache storage;Timing;Monitoring;Program processors;Virtual machine monitors;side channels;hypervisor;cache storage channels;verification},
doi={10.1109/SP.2016.11},
ISSN={2375-1207},
month={May},}
@inproceedings{arm2017boomerang,
title={BOOMERANG: Exploiting the Semantic Gap in Trusted Execution Environments.},
author={Machiry, Aravind and Gustafson, Eric and Spensky, Chad and Salls, Christopher and Stephens, Nick and Wang, Ruoyu and Bianchi, Antonio and Choe, Yung Ryn and Kruegel, Christopher and Vigna, Giovanni},
booktitle={NDSS},
year={2017}
}
@article{zhang2016truspy,
title={TruSpy: Cache Side-Channel Information Leakage from the Secure World on ARM Devices.},
author={Zhang, Ning and Sun, Kun and Shands, Deborah and Lou, Wenjing and Hou, Y Thomas},
journal={IACR Cryptol. ePrint Arch.},
volume={2016},
pages={980},
year={2016}
}
@Misc{sim2019,
author = {Security Research Labs},
title = {New SIM attacks de-mystified, protection tools now available },
howpublished = {\url{https://srlabs.de/bites/sim_attacks_demystified/}},
year = {2019},
}
@TechReport{intel2020sgx,
author = {Dan Goodin},
title = {Intel SGX is vulnerable to an unfixable flaw that can steal crypto keys and more},
institution = {ARS Technica},
year = {2020},
}
@InProceedings{amd2019,
author = {Mengyuan Li and Yinqian Zhang and Zhiqiang Lin and Yan Solihin},
title = {Exploiting Unprotected I/O Operations inAMD’s Secure Encrypted Virtualization},
booktitle = {USENIX Security Symposium},
year = {2019},
}
@Misc{sim2020,
author = {Peter Buttler},
title = {WIB Vulnerability: Sim-Card that Allows Hackers to Takeover Phones},
howpublished = {\url{https://readwrite.com/2020/01/06/wib-vulnerability-sim-card-that-allows-hackers-to-takeover-phones/}},
month = {January},
year = {2020},
}
@Misc{intel2020sgaxe,
author = {Ravie Lakshmanan},
title = {Intel CPUs Vulnerable to New 'SGAxe' and 'CrossTalk' Side-Channel Attacks},
howpublished = {\url{https://thehackernews.com/2020/06/intel-sgaxe-crosstalk-attacks.html}},
month = {June},
year = {2020},
}
@Misc{intel2006survey,
author = {Alexander Nilsson and Pegah Nikbakht Bideh and Joakim Brorsson},
title = {A Survey of Published Attacks on Intel SGX},
howpublished = {\url{https://arxiv.org/pdf/2006.13598v1.pdf}},
year = {2006},
}
@inproceedings{arm2017clkscrew,
author = {Tang, Adrian and Sethumadhavan, Simha and Stolfo, Salvatore},
title = {CLKSCREW: Exposing the Perils of Security-Oblivious Energy Management},
year = {2017},
isbn = {9781931971409},
publisher = {USENIX Association},
address = {USA},
abstract = {The need for power- and energy-efficient computing has resulted in aggressive cooperative hardware-software energy management mechanisms on modern commodity devices. Most systems today, for example, allow software to control the frequency and voltage of the underlying hardware at a very fine granularity to extend battery life. Despite their benefits, these software-exposed energy management mechanisms pose grave security implications that have not been studied before.In this work, we present the CLKSCREW attack, a new class of fault attacks that exploit the security-obliviousness of energy management mechanisms to break security. A novel benefit for the attackers is that these fault attacks become more accessible since they can now be conducted without the need for physical access to the devices or fault injection equipment. We demonstrate CLKSCREW on commodity ARM/Android devices. We show that a malicious kernel driver (1) can extract secret cryptographic keys from Trustzone, and (2) can escalate its privileges by loading self-signed code into Trustzone. As the first work to show the security ramifications of energy management mechanisms, we urge the community to re-examine these security-oblivious designs.},
booktitle = {Proceedings of the 26th USENIX Conference on Security Symposium},
pages = {1057–1074},
numpages = {18},
location = {Vancouver, BC, Canada},
series = {SEC'17}
}
@inproceedings{arm2016cache,
author = {Lipp, Moritz and Gruss, Daniel and Spreitzer, Raphael and Maurice, Cl\'{e}mentine and Mangard, Stefan},
title = {ARMageddon: Cache Attacks on Mobile Devices},
year = {2016},
isbn = {9781931971324},
publisher = {USENIX Association},
address = {USA},
abstract = {In the last 10 years, cache attacks on Intel x86 CPUs have gained increasing attention among the scientific community and powerful techniques to exploit cache side channels have been developed. However, modern smartphones use one or more multi-core ARM CPUs that have a different cache organization and instruction set than Intel x86 CPUs. So far, no cross-core cache attacks have been demonstrated on non-rooted Android smartphones. In this work, we demonstrate how to solve key challenges to perform the most powerful cross-core cache attacks Prime+Probe, Flush+Reload, Evict+Reload, and Flush+Flush on non-rooted ARM-based devices without any privileges. Based on our techniques, we demonstrate covert channels that outperform state-of-the-art covert channels on Android by several orders of magnitude. Moreover, we present attacks to monitor tap and swipe events as well as keystrokes, and even derive the lengths of words entered on the touchscreen. Eventually, we are the first to attack cryptographic primitives implemented in Java. Our attacks work across CPUs and can even monitor cache activity in the ARM TrustZone from the normal world. The techniques we present can be used to attack hundreds of millions of Android devices.},
booktitle = {Proceedings of the 25th USENIX Conference on Security Symposium},
pages = {549–564},
numpages = {16},
location = {Austin, TX, USA},
series = {SEC'16}
}
|
