The cache memory book (2nd ed.): the authoritative reference on cache design
The cache memory book (2nd ed.): the authoritative reference on cache design
A note on the confinement problem
Communications of the ACM
The Design of Rijndael
Lattice Scheduling and Covert Channels
SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
A refined look at Bernstein's AES side-channel analysis
ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security
Operating Systems Concepts
Side channel cryptanalysis of product ciphers
Journal of Computer Security
Cache attacks and countermeasures: the case of AES
CT-RSA'06 Proceedings of the 2006 The Cryptographers' Track at the RSA conference on Topics in Cryptology
New cache designs for thwarting software cache-based side channel attacks
Proceedings of the 34th annual international symposium on Computer architecture
Proceedings of the 44th annual Design Automation Conference
Yet another MicroArchitectural Attack:: exploiting I-Cache
Proceedings of the 2007 ACM workshop on Computer security architecture
Deconstructing new cache designs for thwarting software cache-based side channel attacks
Proceedings of the 2nd ACM workshop on Computer security architectures
Faster and Timing-Attack Resistant AES-GCM
CHES '09 Proceedings of the 11th International Workshop on Cryptographic Hardware and Embedded Systems
Cache Timing Analysis of LFSR-Based Stream Ciphers
Cryptography and Coding '09 Proceedings of the 12th IMA International Conference on Cryptography and Coding
Cache Timing Attacks on Clefia
INDOCRYPT '09 Proceedings of the 10th International Conference on Cryptology in India: Progress in Cryptology
New branch prediction vulnerabilities in openSSL and necessary software countermeasures
Cryptography and Coding'07 Proceedings of the 11th IMA international conference on Cryptography and coding
Analysis of countermeasures against access driven cache attacks on AES
SAC'07 Proceedings of the 14th international conference on Selected areas in cryptography
A fast and cache-timing resistant implementation of the AES
CT-RSA'08 Proceedings of the 2008 The Cryptopgraphers' Track at the RSA conference on Topics in cryptology
CT-RSA'08 Proceedings of the 2008 The Cryptopgraphers' Track at the RSA conference on Topics in cryptology
New results on instruction cache attacks
CHES'10 Proceedings of the 12th international conference on Cryptographic hardware and embedded systems
Improved trace-driven cache-collision attacks against embedded AES implementations
WISA'10 Proceedings of the 11th international conference on Information security applications
Compiler mitigations for time attacks on modern x86 processors
ACM Transactions on Architecture and Code Optimization (TACO) - HIPEAC Papers
Trace-driven cache attacks on AES (short paper)
ICICS'06 Proceedings of the 8th international conference on Information and Communications Security
Cache-collision timing attacks against AES
CHES'06 Proceedings of the 8th international conference on Cryptographic Hardware and Embedded Systems
Predicting secret keys via branch prediction
CT-RSA'07 Proceedings of the 7th Cryptographers' track at the RSA conference on Topics in Cryptology
Cache based remote timing attack on the AES
CT-RSA'07 Proceedings of the 7th Cryptographers' track at the RSA conference on Topics in Cryptology
Proceedings of the 39th Annual International Symposium on Computer Architecture
COSADE'12 Proceedings of the Third international conference on Constructive Side-Channel Analysis and Secure Design
STEALTHMEM: system-level protection against cache-based side channel attacks in the cloud
Security'12 Proceedings of the 21st USENIX conference on Security symposium
Cross-VM side channels and their use to extract private keys
Proceedings of the 2012 ACM conference on Computer and communications security
An analytical model for time-driven cache attacks
FSE'07 Proceedings of the 14th international conference on Fast Software Encryption
Improvement of trace-driven I-Cache timing attack on the RSA algorithm
Journal of Systems and Software
Unraveling timewarp: what all the fuzz is about?
Proceedings of the 2nd International Workshop on Hardware and Architectural Support for Security and Privacy
Düppel: retrofitting commodity operating systems to mitigate cache side channels in the cloud
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Countering AES static s-box attack
Proceedings of the 6th International Conference on Security of Information and Networks
Cache-Access pattern attack on disaligned AES t-tables
COSADE'13 Proceedings of the 4th international conference on Constructive Side-Channel Analysis and Secure Design
Access privacy and correctness on untrusted storage
ACM Transactions on Information and System Security (TISSEC)
| Hi-index | 0.01 |
An access-driven attack is a class of cache-based side channel analysis. Like the time-driven attack, the cache's timings are under inspection as a source of information leakage. Access-driven attacks scrutinize the cache behavior with a finer granularity, rather than evaluating the overall execution time. Access-driven attacks leverage the ability to detect whether a cache line has been evicted, or not, as the primary mechanism for mounting an attack. In this paper we focus on the case of AES and we show that the vast majority of processors suffer from this cache-based vulnerability. Our best results are indeed performed on a processor without the multi-threading capabilities -- in contrast to previous works in this area that had suggested that multi-threading actually improved, or even made possible, this class of attack. Despite some technical difficulties required to mount such attacks, our work shows that access-driven cache-based attacks are becoming easier to understand and analyze. Also, when such attacks are mounted against systems performing AES, only a very limited number of encryptions are required to recover the whole key with a high probability of success, due to our last round analysis from the ciphertext.