Tag: security

Side-Channel Attack on LLC

Introduction

This semester I am taking a Cyber Security class and for the final assignment, I was tasked with performing a side-channel attack on a computer’s LLC(Last Level Cache).

Much like the last assignment to simulate quantum key encryption, there are two parts to the assignment. I was to create both a program and write a short report on the assignment. My report should cover both the theory behind the attack and the effectiveness of the program I created. To write the report I used LaTeX as I have found it to be a very effective tool this semester. I am writing the program for this assignment in Java though most languages should be effective.

What is a Side-Channel Attack?

First off I should explain what a side channel attack is. A side-channel attack is a method by which one can infer information about a computer or a program using indirect methods. If you want to learn more about side-channel attacks I would highly recommend reading about the Meltdown and Spectre vulnerabilities. The example for this assignment is inferring the size of the LLC of a computer’s CPU. Therefore to perform a side channel attack I must find an indirect way to infer the size of a computer’s LLC.

My Side-Channel Attack

After reading the article we were provided with when given the assignment I then decided on using differently sized arrays. I will measure the time needed to access data in the array and this should allow me to infer the cache size. I will step through the different sizes of arrays and measure a value for each. Plotting these values should allow me to see a spike in time which means we are having cache misses.

I used arrays from 1Kb in size up to 64Mb doubling at each step. For each size I will run 100 tests, each test will consist of incrementing values in the array 1 million times. Each test will be timed and the times for each size will be averaged. This should allow us to get an accurate value for each size without running into any outliers.

We will use two different methods to determine which element of an array we access. A random method, and a sequential method. This is another requirement of the assignment is that I test multiple methods for my attack.

Side-Channel Attack output
Output of Random Access Side-Channel Attack

The Report

I wrote a short report (5-page limit) on my methodology for the attack and the results I got from said attacks. I wrote this report using LaTeX as I have found it to be a very useful tool this semester. Included in the report were graphs of my results and an analysis of my results for each method. If you wish to read it in full the PDF is available below.

main.pdfDownload

Disclaimer

Though it should go without saying I will say. This is all for purely educational purposes. Do not run software of this kind on any systems you do not have permission to use. Also, ensure when testing software of this kind you are doing so in a secure environment and are in compliance with all local laws and regulations.

Quantum Key Encryption Simulation in Java

Introduction

The goal of this assignment was to simulate symmetric Quantum Key Encryption. We did this by creating a Qubit class and using that to generate the key that is to be used in the XOR class we create. This will allow us to pass messages without exposing their content to the outside world. I decided to do this in Java as it is what I have the most experience in.

Qubit Class

This part of the assignment was quite simple as we were given a UML diagram for the class and were able to simply create the class based on that. It is a simple object that allows for the storage of a value and a polarisation. There is also a measure method that returns the value if the polarisation matches else it generates a new random polarisation and then returns the value.

XOR Class

This was just a simple matter of applying an XOR operation to the message using the key repeated to the end of the message.

The Encryption Algorithm

I decided to break this down into three parts. A transmitter class, a receiver class, and the main method. The transmitter creates a random stream of bytes. Then the receiver takes that stream of qubits and using random polarisation generates its stream of qubits using the values from the transmitter’s random polarisation.  Then the transmitter passes back the new qubits and each generates its key. Both keys should match. Then the main method performs the XOR encryption and decryption.

Testing

I wrote a few simple unit tests throughout the creation of this project using jUnit. These helped me to ensure all parts of the software were working as I intended and allowed me to better identify issues and bugs I found while creating software.

Encryption Unit Testing
JUnit test

Conclusion

This project was quite fun and it was interesting to learn about some of the lesser-known parts of computer science such as Quantum Computing and Encyrption. I learned a lot and look forward to studying some parts of this a bit further.