
The 9 Lives of Bleichenbacher’s CAT: New Cache Attacks on TLS Implementations [pdf] - shshhdhs
https://eprint.iacr.org/2018/1173.pdf
======
DyslexicAtheist
that's quite a constraint:

 _" The first capability an adversary needs is to mount a microarchitectural
side channel attack against a vulnerable implementation. For that, the
adversary needs the ability to execute code on the machine that runs the
victim’s implementation."_

~~~
cjg
A few lines below: "For example, a TLS server running in a virtual machine on
a public cloud server, where the physical server hardware is shared between
the victim’s TLS server and an attacker’s virtual machine."

~~~
DyslexicAtheist
blimey! that makes it too realistic indeed :(

~~~
SAI_Peregrinus
Just as Spectre and Meltdown were bigger threats for cloud/serverless systems,
this is also. A dedicated server is a vast increase in security. I suspect
these attacks may be the start of the distributed/centralized pendulum (for
hosting) swinging back towards distributed, at least in some areas .

