The Design of Rijndael
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems
CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
Power Analysis, What Is Now Possible...
ASIACRYPT '00 Proceedings of the 6th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Serpent: A New Block Cipher Proposal
FSE '98 Proceedings of the 5th International Workshop on Fast Software Encryption
Electromagnetic Analysis: Concrete Results
CHES '01 Proceedings of the Third International Workshop on Cryptographic Hardware and Embedded Systems
AES Power Attack Based on Induced Cache Miss and Countermeasure
ITCC '05 Proceedings of the International Conference on Information Technology: Coding and Computing (ITCC'05) - Volume I
Improving Brumley and Boneh timing attack on unprotected SSL implementations
Proceedings of the 12th ACM conference on Computer and communications security
A refined look at Bernstein's AES side-channel analysis
ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security
Improving cache attacks by considering cipher structure
International Journal of Information Security
Side channel cryptanalysis of product ciphers
Journal of Computer Security
Remote timing attacks are practical
Computer Networks: The International Journal of Computer and Telecommunications Networking - Web security
Advances on access-driven cache attacks on AES
SAC'06 Proceedings of the 13th international conference on Selected areas in cryptography
Cache attacks and countermeasures: the case of AES
CT-RSA'06 Proceedings of the 2006 Cryptographers' Track at the RSA Conference on Topics in Cryptology
Yet another MicroArchitectural Attack: exploiting I-Cache
Proceedings of the 2007 ACM workshop on Computer security architecture
Light-Weight Instruction Set Extensions for Bit-Sliced Cryptography
CHES '08 Proceedings of the 10th International Workshop on Cryptographic Hardware and Embedded Systems
Deconstructing new cache designs for thwarting software cache-based side channel attacks
Proceedings of the 2nd ACM workshop on Computer security architectures
A novel cache architecture with enhanced performance and security
Proceedings of the 41st annual IEEE/ACM International Symposium on Microarchitecture
Faster and Timing-Attack Resistant AES-GCM
CHES '09 Proceedings of the 11th International Workshop on Cryptographic Hardware and Embedded Systems
Cache Timing Analysis of LFSR-Based Stream Ciphers
Cryptography and Coding '09 Proceedings of the 12th IMA International Conference on Cryptography and Coding
Cache Timing Attacks on Clefia
INDOCRYPT '09 Proceedings of the 10th International Conference on Cryptology in India: Progress in Cryptology
Cryptographic side-channels from low-power cache memory
Cryptography and Coding'07 Proceedings of the 11th IMA international conference on Cryptography and coding
A fast and cache-timing resistant implementation of the AES
CT-RSA'08 Proceedings of the 2008 Cryptographers' Track at the RSA Conference on Topics in Cryptology
A predictive model for cache-based side channels in multicore and multithreaded microprocessors
MMM-ACNS'10 Proceedings of the 5th international conference on Mathematical methods, models and architectures for computer network security
ACNS'11 Proceedings of the 9th international conference on Applied cryptography and network security
A cache trace attack on CAMELLIA
InfoSecHiComNet'11 Proceedings of the First international conference on Security aspects in information technology
Compiler mitigations for time attacks on modern x86 processors
ACM Transactions on Architecture and Code Optimization (TACO) - HIPEAC Papers
Non-monopolizable caches: Low-complexity mitigation of cache side channel attacks
ACM Transactions on Architecture and Code Optimization (TACO) - HIPEAC Papers
Trace-driven cache attacks on AES (short paper)
ICICS'06 Proceedings of the 8th international conference on Information and Communications Security
Cache based remote timing attack on the AES
CT-RSA'07 Proceedings of the 7th Cryptographers' track at the RSA conference on Topics in Cryptology
STEALTHMEM: system-level protection against cache-based side channel attacks in the cloud
Security'12 Proceedings of the 21st USENIX conference on Security symposium
Are AES x86 cache timing attacks still feasible?
Proceedings of the 2012 ACM Workshop on Cloud computing security workshop
An analytical model for time-driven cache attacks
FSE'07 Proceedings of the 14th international conference on Fast Software Encryption
Side channel vulnerability metrics: the promise and the pitfalls
Proceedings of the 2nd International Workshop on Hardware and Architectural Support for Security and Privacy
Security testing of a secure cache design
Proceedings of the 2nd International Workshop on Hardware and Architectural Support for Security and Privacy
Implementing side-channel attacks on suggest boxes in web applications
Proceedings of the First International Conference on Security of Internet of Things
Attacks on implementations of cryptographic algorithms: side-channel and fault attacks
Proceedings of the 6th International Conference on Security of Information and Networks
Cache-Access pattern attack on disaligned AES t-tables
COSADE'13 Proceedings of the 4th international conference on Constructive Side-Channel Analysis and Secure Design
Remote cache-timing attacks against AES
Proceedings of the First Workshop on Cryptography and Security in Computing Systems
SN-SEC: a secure wireless sensor platform with hardware cryptographic primitives
Personal and Ubiquitous Computing
Security-Preserving Live Migration of Virtual Machines in the Cloud
Journal of Network and Systems Management
This paper describes several novel timing attacks against the common table-driven software implementation of the AES cipher. We define a general attack strategy using a simplified model of the cache to predict timing variation due to cache collisions in the sequence of table lookups performed by the encryption. The attacks presented should be applicable to most high-speed software AES implementations and computing platforms; we have implemented them against OpenSSL v. 0.9.8(a) running on Pentium III, Pentium IV Xeon, and UltraSPARC III+ machines. The most powerful attack has been shown under optimal conditions to reliably recover a full 128-bit AES key with 2^13 timing samples, an improvement of almost four orders of magnitude over the best previously published attacks of this type [Ber05]. While the task of defending AES against all timing attacks is challenging, a small patch can significantly reduce the vulnerability to these specific attacks with no performance penalty.