Cache Side-Channel Attack on Mail User Agent

Hodong Kim; Hyundo Yoon; Youngjoo Shin; Junbeom Hur

doi:10.1109/ICOIN48656.2020.9016619

Cache Side-Channel Attack on Mail User Agent

Hodong Kim, Hyundo Yoon, Youngjoo Shin, Junbeom Hur

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

6 Citations (Scopus)

Abstract

MUA (Mail User Agent) programs support email encryption functionality for providing confidentiality of the email contents. They encrypt email contents using email encryption standards such as OpenPGP or S/MIME, mostly implemented by GnuPG, or GPG in practice. In order to understand security implication of the structures and analyze any possible vulnerabilities of MUA programs, in this paper, we investigated practical MUAs supporting e-mail encryption. As a result, we found severe vulnerabilities in a list of MUAs that allow cache side-channel attacks in virtualized desktop environments. Our analysis reveals that the root cause originates from the lack of verification and control over third-party cryptographic libraries they adopt. In order to substantiate the importance of the vulnerability we found, we delivered FLUSH+RELOAD attack on those MUA programs and demonstrated that the attack restores 92% of the RSA private keys when recipients read a single encrypted email.

Original language	English
Title of host publication	34th International Conference on Information Networking, ICOIN 2020
Publisher	IEEE Computer Society
Pages	236-238
Number of pages	3
ISBN (Electronic)	9781728141985
DOIs	https://doi.org/10.1109/ICOIN48656.2020.9016619
Publication status	Published - 2020 Jan
Event	34th International Conference on Information Networking, ICOIN 2020 - Barcelona, Spain Duration: 2020 Jan 7 → 2020 Jan 10

Publication series

Name	International Conference on Information Networking
Volume	2020-January
ISSN (Print)	1976-7684

Conference

Conference	34th International Conference on Information Networking, ICOIN 2020
Country/Territory	Spain
City	Barcelona
Period	20/1/7 → 20/1/10

Bibliographical note

Funding Information:
ACKNOWLEDGMENT This work was supported by Institute of Information communications Technology Planning Evaluation (IITP) grant funded by the Korea government(MSIT) (No.2019-0-00533, Research on CPU vulnerability detection and validation)

Publisher Copyright:
© 2020 IEEE.

Keywords

Cache side-channel attack
SW vulnerability
mail user agent

ASJC Scopus subject areas

Computer Networks and Communications
Information Systems

Access to Document

10.1109/ICOIN48656.2020.9016619

Cite this

Cache Side-Channel Attack on Mail User Agent. / Kim, Hodong; Yoon, Hyundo; Shin, Youngjoo et al.
34th International Conference on Information Networking, ICOIN 2020. IEEE Computer Society, 2020. p. 236-238 9016619 (International Conference on Information Networking; Vol. 2020-January).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Kim, H, Yoon, H, Shin, Y & Hur, J 2020, Cache Side-Channel Attack on Mail User Agent. in 34th International Conference on Information Networking, ICOIN 2020., 9016619, International Conference on Information Networking, vol. 2020-January, IEEE Computer Society, pp. 236-238, 34th International Conference on Information Networking, ICOIN 2020, Barcelona, Spain, 20/1/7. https://doi.org/10.1109/ICOIN48656.2020.9016619

@inproceedings{ecd3142310954a20aa1f06a43be3bbf5,

title = "Cache Side-Channel Attack on Mail User Agent",

abstract = "MUA (Mail User Agent) programs support email encryption functionality for providing confidentiality of the email contents. They encrypt email contents using email encryption standards such as OpenPGP or S/MIME, mostly implemented by GnuPG, or GPG in practice. In order to understand security implication of the structures and analyze any possible vulnerabilities of MUA programs, in this paper, we investigated practical MUAs supporting e-mail encryption. As a result, we found severe vulnerabilities in a list of MUAs that allow cache side-channel attacks in virtualized desktop environments. Our analysis reveals that the root cause originates from the lack of verification and control over third-party cryptographic libraries they adopt. In order to substantiate the importance of the vulnerability we found, we delivered FLUSH+RELOAD attack on those MUA programs and demonstrated that the attack restores 92% of the RSA private keys when recipients read a single encrypted email.",

keywords = "Cache side-channel attack, SW vulnerability, mail user agent",

author = "Hodong Kim and Hyundo Yoon and Youngjoo Shin and Junbeom Hur",

note = "Funding Information: ACKNOWLEDGMENT This work was supported by Institute of Information communications Technology Planning Evaluation (IITP) grant funded by the Korea government(MSIT) (No.2019-0-00533, Research on CPU vulnerability detection and validation) Publisher Copyright: {\textcopyright} 2020 IEEE.; 34th International Conference on Information Networking, ICOIN 2020 ; Conference date: 07-01-2020 Through 10-01-2020",

year = "2020",

month = jan,

doi = "10.1109/ICOIN48656.2020.9016619",

language = "English",

series = "International Conference on Information Networking",

publisher = "IEEE Computer Society",

pages = "236--238",

booktitle = "34th International Conference on Information Networking, ICOIN 2020",

}

TY - GEN

T1 - Cache Side-Channel Attack on Mail User Agent

AU - Kim, Hodong

AU - Yoon, Hyundo

AU - Shin, Youngjoo

AU - Hur, Junbeom

N1 - Funding Information: ACKNOWLEDGMENT This work was supported by Institute of Information communications Technology Planning Evaluation (IITP) grant funded by the Korea government(MSIT) (No.2019-0-00533, Research on CPU vulnerability detection and validation) Publisher Copyright: © 2020 IEEE.

PY - 2020/1

Y1 - 2020/1

N2 - MUA (Mail User Agent) programs support email encryption functionality for providing confidentiality of the email contents. They encrypt email contents using email encryption standards such as OpenPGP or S/MIME, mostly implemented by GnuPG, or GPG in practice. In order to understand security implication of the structures and analyze any possible vulnerabilities of MUA programs, in this paper, we investigated practical MUAs supporting e-mail encryption. As a result, we found severe vulnerabilities in a list of MUAs that allow cache side-channel attacks in virtualized desktop environments. Our analysis reveals that the root cause originates from the lack of verification and control over third-party cryptographic libraries they adopt. In order to substantiate the importance of the vulnerability we found, we delivered FLUSH+RELOAD attack on those MUA programs and demonstrated that the attack restores 92% of the RSA private keys when recipients read a single encrypted email.

AB - MUA (Mail User Agent) programs support email encryption functionality for providing confidentiality of the email contents. They encrypt email contents using email encryption standards such as OpenPGP or S/MIME, mostly implemented by GnuPG, or GPG in practice. In order to understand security implication of the structures and analyze any possible vulnerabilities of MUA programs, in this paper, we investigated practical MUAs supporting e-mail encryption. As a result, we found severe vulnerabilities in a list of MUAs that allow cache side-channel attacks in virtualized desktop environments. Our analysis reveals that the root cause originates from the lack of verification and control over third-party cryptographic libraries they adopt. In order to substantiate the importance of the vulnerability we found, we delivered FLUSH+RELOAD attack on those MUA programs and demonstrated that the attack restores 92% of the RSA private keys when recipients read a single encrypted email.

KW - Cache side-channel attack

KW - SW vulnerability

KW - mail user agent

UR - http://www.scopus.com/inward/record.url?scp=85082119707&partnerID=8YFLogxK

U2 - 10.1109/ICOIN48656.2020.9016619

DO - 10.1109/ICOIN48656.2020.9016619

M3 - Conference contribution

AN - SCOPUS:85082119707

T3 - International Conference on Information Networking

SP - 236

EP - 238

BT - 34th International Conference on Information Networking, ICOIN 2020

PB - IEEE Computer Society

T2 - 34th International Conference on Information Networking, ICOIN 2020

Y2 - 7 January 2020 through 10 January 2020

ER -

Cache Side-Channel Attack on Mail User Agent

Abstract

Publication series

Conference

Bibliographical note

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this