Overview
Explore the world of side-channel attacks in this 24-minute Black Hat conference talk. Delve into the FLUSH+RELOAD L3 cache side-channel discovered by Yuval Yarom and Katrina Falkner in 2013, and its implications beyond cryptography. Learn how this technique can be applied to leak information from everyday applications like text editors and web browsers. Discover how to implement input distinguishing attacks, with a specific demonstration on spying user activity on Wikipedia pages. Gain insights into the attack's mechanics, its potential applications, and the speaker's goal to broaden the community's perspective on side-channel attacks. Access code to reproduce the attack and understand its real-world implications. Cover topics including VoIP, acoustic cryptanalysis, cross-user account key logging, and practical demonstrations of the technique.
Syllabus
Start
Cryptography
VoIP
Acoustic Crypt Analysis
SideChannel Attacks
New Attack
lynx
Input distinguishing attack
How it works
Background
Flush Plus Reload
Cross User Account Key Logger
Calculator Spy
Demo
How to use Flush Reload
Where to put the light bulbs
WhatScarlett sees
Experiments
Demonstration
Question Answer
Taught by
Black Hat