SUSTech|Library
CAS Log-in | Log-in | 中文版| RSS Feeds | Atom Feeds
中文版 | English
   注册
Title

PwrLeak: Exploiting Power Reporting Interface for Side-Channel Attacks on AMD SEV

Author
Wang,Wubing1; Li,Mengyuan1; Zhang,Yinqian2; Lin,Zhiqiang1
Corresponding AuthorLin,Zhiqiang
DOI
10.1007/978-3-031-35504-2_3
Publication Years
2023
ISSN
0302-9743
EISSN
1611-3349
Source Title
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume
13959 LNCS
Pages
46-66
Abstract
An increasing number of Trusted Execution Environment (TEE) is adopting to a variety of commercial products for protecting data security on the cloud. However, TEEs are still exposed to various side-channel vulnerabilities, such as execution order-based, timing-based, and power-based vulnerabilities. While recent hardware is applying various techniques to mitigate order-based and timing-based side-channel vulnerabilities, power-based side-channel attacks remain a concern of hardware security, especially for the confidential computing settings where the server machines are beyond the control of cloud users. In this paper, we present PwrLeak, an attack framework that exploits AMD’s power reporting interfaces to build power side-channel attacks against AMD Secure Encrypted Virtualization (SEV)-protected VM. We design and implement the attack framework with three general steps: (1) identify the instruction running inside AMD SEV, (2) apply a power interpolator to amplify power consumption, including an emulation-based interpolator for analyzing purposes and a more general interrupt-based interpolator, and (3) infer secrets with various analysis approaches. A case study of using the emulation-based interpolator to infer the whole JPEG images processed by libjpeg demonstrates its ability to help analyze power consumption inside SEV VM. Our end-to-end attacks against Intel’s Integrated Performance Primitives (Intel IPP) library indicates that PwrLeak can be exploited to infer RSA private keys with over 80% accuracy using the interrupt-based interpolator.
SUSTech Authorship
Others
Language
English
URL[Source Record]
Scopus EID
2-s2.0-85164251302
Data Source
Scopus
Citation statistics
Cited Times [WOS]:0
Document TypeConference paper
Identifierhttp://kc.sustech.edu.cn/handle/2SGJ60CL/560246
Affiliation
1.The Ohio State University,Columbus,43210,United States
2.Southern University of Science and Technology,Shenzhen,Guangdong,518055,China
Recommended Citation
GB/T 7714
Wang,Wubing,Li,Mengyuan,Zhang,Yinqian,et al. PwrLeak: Exploiting Power Reporting Interface for Side-Channel Attacks on AMD SEV[C],2023:46-66.
Files in This Item:
There are no files associated with this item.
Related Services
Fulltext link
Recommend this item
Bookmark
Usage statistics
Export to Endnote
Export to Excel
Export to Csv
Altmetrics Score
Google Scholar
Similar articles in Google Scholar
[Wang,Wubing]'s Articles
[Li,Mengyuan]'s Articles
[Zhang,Yinqian]'s Articles
Baidu Scholar
Similar articles in Baidu Scholar
[Wang,Wubing]'s Articles
[Li,Mengyuan]'s Articles
[Zhang,Yinqian]'s Articles
Bing Scholar
Similar articles in Bing Scholar
[Wang,Wubing]'s Articles
[Li,Mengyuan]'s Articles
[Zhang,Yinqian]'s Articles
Terms of Use
No data!
Social Bookmark/Share
All comments (0)
[COMMENT/DISAGREEMENT/FEEDBACK]
No comment.

Items in the repository are protected by copyright, with all rights reserved, unless otherwise indicated.