Overview
Explore the world of Last Level Cache (LLC) attacks in this 20-minute conference talk from USENIX Enigma 2017. Delve into the security concerns posed by cache attacks, which can compromise cryptographic keys and user privacy. Learn about the Flush and Reload and Prime and Probe techniques, their requirements, and potential targets in everyday software. Examine various attack scenarios, including IaaS and PaaS environments, Web browsing JavaScript attacks, trusted execution environments, and cross-smartphone application vulnerabilities. Evaluate the effectiveness of preventive measures at network, software, OS/hypervisor, and hardware levels to safeguard against these sophisticated threats.
Syllabus
Intro
Last Level Cache Attacks: Feasibility Trend?
Why Attack LLC?
The Flush and Reload Attack
The Prime and Probe Attack
How to Retrieve Information?
Malicious Javascript Execution
Trusted Execution Environments
Malicious Smartphones Applications
Avoiding Collisions in the LLC
Key Takeaways
Taught by
USENIX Enigma Conference