Timing attack
In cryptography, a timing attack is a side-channel attack in which the attacker attempts to compromise a cryptosystem by analyzing the time taken to execute cryptographic algorithms. Every logical ope
Tempest (codename)
TEMPEST is a U.S. National Security Agency specification and a NATO certification referring to spying on information systems through leaking emanations, including unintentional radio or electrical sig
Meltdown (security vulnerability)
Meltdown is one of the two original transient execution CPU vulnerabilities (the other being Spectre). Meltdown affects Intel x86 microprocessors, IBM POWER processors, and some ARM-based microprocess
TRESOR
TRESOR (recursive acronym for "TRESOR Runs Encryption Securely Outside RAM", and also the German word for a safe) is a Linux kernel patch which provides encryption using only the CPU to defend against
Spectre (security vulnerability)
Spectre refers to one of the two original transient execution CPU vulnerabilities (the other being Meltdown), which involve microarchitectural timing side-channel attacks. These affect modern micropro
Lazy FP state restore
Lazy FPU state leak (CVE-2018-3665), also referred to as Lazy FP State Restore or LazyFP, is a security vulnerability affecting Intel Core CPUs. The vulnerability is caused by a combination of flaws i
Foreshadow
Foreshadow, known as L1 Terminal Fault (L1TF) by Intel, is a vulnerability that affects modern microprocessors that was first discovered by two independent teams of researchers in January 2018, but wa
Pacman (security vulnerability)
Pacman (stylized PACMAN or PacMan) is an exploit that takes advantage of a hardware bug in the speculative execution function of the Apple M1 processors which was made public on June 10, 2022 by MIT s
Speculative Store Bypass
Speculative Store Bypass (SSB) (CVE-2018-3639) is the name given to a hardware security vulnerability and its exploitation that takes advantage of speculative execution in a similar way to the Meltdow
Power analysis
Power analysis is a form of side channel attack in which the attacker studies the power consumption of a cryptographic hardware device. These attacks rely on basic physical properties of the device: s
DMA attack
A DMA attack is a type of side channel attack in computer security, in which an attacker can penetrate a computer or other device, by exploiting the presence of high-speed expansion ports that permit
SWAPGS (security vulnerability)
SWAPGS, also known as Spectre variant 1 (swapgs), is a computer security vulnerability that utilizes the branch prediction used in modern microprocessors. Most processors use a form of speculative exe
TLBleed
TLBleed is a cryptographic side-channel attack that uses machine learning to exploit a timing side-channel via the translation look-aside buffer (TLB) on modern microprocessors that use simultaneous m
Microarchitectural Data Sampling
The Microarchitectural Data Sampling (MDS) vulnerabilities are a set of weaknesses in Intel x86 microprocessors that use hyper-threading, and leak data across protection boundaries that are architectu
Hardware security bug
In digital computing, hardware security bugs are hardware bugs or flaws that create vulnerabilities affecting computer central processing units (CPUs), or other devices which incorporate programmable
Cold boot attack
In computer security, a cold boot attack (or to a lesser extent, a platform reset attack) is a type of side channel attack in which an attacker with physical access to a computer performs a memory dum
Side-channel attack
In computer security, a side-channel attack is any attack based on extra information that can be gathered because of the fundamental way a computer protocol or algorithm is implemented, rather than fl
Electromagnetic attack
In cryptography, electromagnetic attacks are side-channel attacks performed by measuring the electromagnetic radiation emitted from a device and performing signal analysis on it. These attacks are a m
Pass the hash
In computer security, pass the hash is a hacking technique that allows an attacker to authenticate to a remote server or service by using the underlying NTLM or LanMan hash of a user's password, inste
Acoustic cryptanalysis
Acoustic cryptanalysis is a type of side channel attack that exploits sounds emitted by computers or other devices. Most of the modern acoustic cryptanalysis focuses on the sounds produced by computer
Differential fault analysis
Differential fault analysis (DFA) is a type of active side-channel attack in the field of cryptography, specifically cryptanalysis. The principle is to induce faults—unexpected environmental condition
Transient execution CPU vulnerability
Transient execution CPU vulnerabilities are vulnerabilities in a computer system in which a speculative execution optimization implemented in a microprocessor is exploited to leak secret data to an un
Load value injection
Load value injection (LVI) is an attack on Intel microprocessors that can be used to attack Intel's Software Guard Extensions (SGX) technology. It is a development of the previously known Meltdown sec
Lucky Thirteen attack
A Lucky Thirteen attack is a cryptographic timing attack against implementations of the Transport Layer Security (TLS) protocol that use the CBC mode of operation, first reported in February 2013 by i