all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

SCRAMBLE-CFI: Mitigating Fault-Induced Control-Flow Attacks on OpenTitan. (arXiv:2303.03711v1 [cs.CR])

Add to bookmarks
March 8, 2023, 2:10 a.m. | Pascal Nasahl, Stefan Mangard

cs.CR updates on arXiv.org arxiv.org

Secure elements physically exposed to adversaries are frequently targeted by
fault attacks. These attacks can be utilized to hijack the control-flow of
software allowing the attacker to bypass security measures, extract sensitive
data, or gain full code execution. In this paper, we systematically analyze the
threat vector of fault-induced control-flow manipulations on the open-source
OpenTitan secure element. Our thorough analysis reveals that current
countermeasures of this chip either induce large area overheads or still cannot
prevent the attacker from exploiting …

adversaries analysis area attacks bypass chip code code execution control countermeasures current data exposed extract flow hijack large security sensitive data software threat threat vector

Visit resource

More from arxiv.org / cs.CR updates on arXiv.org

Dihedral Quantum Codes 1 day, 2 hours ago | arxiv.org
arxiv block class code +9
A Privacy Preserving System for Movie Recommendations Using Federated Learning 1 day, 2 hours ago | arxiv.org
arxiv businesses cs.cr cs.ir +20
VulLibGen: Identifying Vulnerable Third-Party Libraries via Generative Pre-Trained Model 1 day, 2 hours ago | arxiv.org
accelerate advisory arxiv cs.cr +24
Simultaneous Haar Indistinguishability with Applications to Unclonable Cryptography 1 day, 2 hours ago | arxiv.org
applications arxiv build cloning +11
SoK: Prudent Evaluation Practices for Fuzzing 1 day, 2 hours ago | arxiv.org
afl arxiv bugs concept +13
The Effect of Quantization in Federated Learning: A R\'enyi Differential Privacy Perspective 1 day, 2 hours ago | arxiv.org
arxiv can cs.cr cs.dc +15
Unveiling the Potential: Harnessing Deep Metric Learning to Circumvent Video Streaming Encryption 1 day, 2 hours ago | arxiv.org
arxiv attacks body cs.ai +16
SecureLLM: Using Compositionality to Build Provably Secure Language Models for Private, Sensitive, and Secret Data 1 day, 2 hours ago | arxiv.org
access arxiv back build +15
IBD-PSC: Input-level Backdoor Detection via Parameter-oriented Scaling Consistency 1 day, 2 hours ago | arxiv.org
adversaries arxiv attacks backdoor +22

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada
View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA
View on infosec-jobs.com

Senior Application Security Engineer, Application Security

@ Miro | Amsterdam, NL
View on infosec-jobs.com

SOC Analyst (m/w/d)

@ LANXESS | Leverkusen, NW, DE, 51373
View on infosec-jobs.com

Lead Security Solutions Engineer (Remote, North America)

@ Dynatrace | Waltham, MA, United States
View on infosec-jobs.com