CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
Differential Power Analysis in the Presence of Hardware Countermeasures
CHES '00 Proceedings of the Second International Workshop on Cryptographic Hardware and Embedded Systems
An Implementation of DES and AES, Secure against Some Attacks
CHES '01 Proceedings of the Third International Workshop on Cryptographic Hardware and Embedded Systems
Partitioning Attacks: Or How to Rapidly Clone Some GSM Cards
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Computer Architecture: A Quantitative Approach
Computer Architecture: A Quantitative Approach
Power analysis attacks and countermeasures for cryptographic algorithms
Power analysis attacks and countermeasures for cryptographic algorithms
AES Power Attack Based on Induced Cache Miss and Countermeasure
ITCC '05 Proceedings of the International Conference on Information Technology: Coding and Computing (ITCC'05) - Volume I - Volume 01
Cache attacks and countermeasures: the case of AES
CT-RSA'06 Proceedings of the 2006 The Cryptographers' Track at the RSA conference on Topics in Cryptology
Cache Timing Attacks on Clefia
INDOCRYPT '09 Proceedings of the 10th International Conference on Cryptology in India: Progress in Cryptology
Improved trace-driven cache-collision attacks against embedded AES implementations
WISA'10 Proceedings of the 11th international conference on Information security applications
A cache trace attack on CAMELLIA
InfoSecHiComNet'11 Proceedings of the First international conference on Security aspects in information technology
COSADE'12 Proceedings of the Third international conference on Constructive Side-Channel Analysis and Secure Design
Hi-index | 0.00 |
This paper describes possible attacks against software implementations of AES running on processors with cache mechanisms, particularly in the case of smart cards. These attacks are based on side-channel information gained by observing cache hits and misses in the current drawn by the smart card. Two different attacks are described. The first is a combination of ideas proposed in [2] and [11] to produce an attack that only requires the manipulation of the plain text and the observation of the current. The second is an attack based on specific implementations of the xtime function [10]. These attacks are shown to also work against algorithms using Boolean data masking techniques as a DPA countermeasure.