TY - GEN
T1 - Cache Side-Channel Attack on Mail User Agent
AU - Kim, Hodong
AU - Yoon, Hyundo
AU - Shin, Youngjoo
AU - Hur, Junbeom
N1 - Funding Information:
This work was supported by the Institute of Information & communications Technology Planning & Evaluation (IITP) grant funded by the Korea government (MSIT) (No. 2019-0-00533, Research on CPU vulnerability detection and validation).
Publisher Copyright:
© 2020 IEEE.
PY - 2020/1
Y1 - 2020/1
N2 - MUA (Mail User Agent) programs support email encryption functionality to provide confidentiality of email contents. They encrypt email contents using email encryption standards such as OpenPGP or S/MIME, mostly implemented by GnuPG, or GPG in practice. In order to understand the security implications of the structures and analyze any possible vulnerabilities of MUA programs, in this paper, we investigated practical MUAs supporting email encryption. As a result, we found severe vulnerabilities in a list of MUAs that allow cache side-channel attacks in virtualized desktop environments. Our analysis reveals that the root cause is the lack of verification and control over the third-party cryptographic libraries they adopt. In order to substantiate the importance of the vulnerability we found, we carried out a FLUSH+RELOAD attack on those MUA programs and demonstrated that the attack restores 92% of the RSA private keys when recipients read a single encrypted email.
AB - MUA (Mail User Agent) programs support email encryption functionality to provide confidentiality of email contents. They encrypt email contents using email encryption standards such as OpenPGP or S/MIME, mostly implemented by GnuPG, or GPG in practice. In order to understand the security implications of the structures and analyze any possible vulnerabilities of MUA programs, in this paper, we investigated practical MUAs supporting email encryption. As a result, we found severe vulnerabilities in a list of MUAs that allow cache side-channel attacks in virtualized desktop environments. Our analysis reveals that the root cause is the lack of verification and control over the third-party cryptographic libraries they adopt. In order to substantiate the importance of the vulnerability we found, we carried out a FLUSH+RELOAD attack on those MUA programs and demonstrated that the attack restores 92% of the RSA private keys when recipients read a single encrypted email.
KW - Cache side-channel attack
KW - SW vulnerability
KW - mail user agent
UR - http://www.scopus.com/inward/record.url?scp=85082119707&partnerID=8YFLogxK
U2 - 10.1109/ICOIN48656.2020.9016619
DO - 10.1109/ICOIN48656.2020.9016619
M3 - Conference contribution
AN - SCOPUS:85082119707
T3 - International Conference on Information Networking
SP - 236
EP - 238
BT - 34th International Conference on Information Networking, ICOIN 2020
PB - IEEE Computer Society
T2 - 34th International Conference on Information Networking, ICOIN 2020
Y2 - 7 January 2020 through 10 January 2020
ER -