Abstract
To deliver real world cryptographic applications, we are increasingly reliant on security guarantees from both the underlying mathematics and physical implementation. The micro-processors that execute such applications are often designed with a focus on performance, area or power consumption. This strategy neglects physical security, a fact that has recently been exploited by a new breed of micro-architectural side-channel attacks. We introduce a new attack within this class which targets the use of low power cache memories. Although such caches offer an attractive compromise between performance and power consumption within mobile computing devices, we show that they permit attack where a more considered design strategy would not.
The work described in this paper has been supported by the EPSRC under grant EP/E001556/1 and, in part, by the European Commission through the IST Programme under contract IST-2002-507932 ECRYPT. The information in this paper reflects only the authors’ views, is provided as is and no guarantee or warranty is given that the information is fit for any particular purpose. The user thereof uses the information at its sole risk and liability.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Acıiçmez, O.: Yet Another MicroArchitectural Attack: Exploiting I-cache. In: Cryptology ePrint Archive, Report 2007/164 (2007)
Acıiçmez, O., Gueron, S., Seifert, J-P.: New Branch Prediction Vulnerabilities in OpenSSL and Necessary Software Countermeasures. In: Cryptology ePrint Archive, Report 2007/039 (2007)
Acıiçmez, O., Koç, Ç.K.: Trace-Driven Cache Attacks on AES. In: Cryptology ePrint Archive, Report 2006/138 (2006)
Acıiçmez, O., Koç, Ç.K., Seifert, J-P.: On the Power of Simple Branch Prediction Analysis. Cryptology ePrint Archive Report 2006/351 (2006)
Acıiçmez, O., Seifert, J-P., Koç, Ç.K.: Predicting Secret Keys via Branch Prediction. In: Abe, M. (ed.) CT-RSA 2007. LNCS, vol. 4377, pp. 225–242. Springer, Heidelberg (2006)
Acıiçmez, O., Schindler, W., Koç., Ç.K.: Cache Based Remote Timing Attacks on the AES. In: Abe, M. (ed.) CT-RSA 2007. LNCS, vol. 4377, pp. 271–286. Springer, Heidelberg (2006)
Agosta, G., Pelosi, G.: Countermeasures for the Simple Branch Prediction Analysis. In: Cryptology ePrint Archive, Report 2006/482 (2006)
Agrawal, D., Archambeault, B., Rao, J.R., Rohatgi, P.: The EM Side-Channel(s). In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 29–45. Springer, Heidelberg (2003)
Bernstein, D.J.: Cache-timing Attacks on AES, http://cr.yp.to/antiforgery/cachetiming-20050414.pdf
Bertoni, G., Zaccaria, V., Breveglieri, L., Monchiero, M., Palermo, G.: AES Power Attack Based on Induced Cache Miss and Countermeasure. In: ITCC. IEEE Conference on Information Technology: Coding and Computing (2005)
Bonneau, J.: Robust Final-Round Cache-Trace Attacks Against AES. In: Cryptology ePrint Archive, Report 2006/374 (2006)
Bonneau, J., Mironov, I.: Cache-Collision Timing Attacks Against AES. In: Goubin, L., Matsui, M. (eds.) CHES 2006. LNCS, vol. 4249, pp. 201–215. Springer, Heidelberg (2006)
Brickell, E., Graunke, G., Neve, M., Seifert, J-P.: Software Mitigations to Hedge AES Against Cache-based Software Side Channel Vulnerabilities. In: Cryptology ePrint Archive, Report 2006/052 (2006)
Flautner, K., Kim, N.S., Martin, S., Blaauw, D., Mudge, T.N.: Drowsy Caches: Simple Techniques for Reducing Leakage Power. In: ISCA. International Symposium on Computer Architecture, pp. 148–157 (2002)
Hu, W.M.: Lattice Scheduling and Covert Channels. In: IEEE Symposium on Security and Privicy, pp. 52–61. IEEE Computer Society Press, Los Alamitos (1992)
Intel Corporation. Intel i960 Jx Processor Documentation, http://www.intel.com/design/i960/documentation/
Intel Corporation. Intel XScale Processor Documentation, http://www.intel.com/design/intelxscale/
Kelsey, J., Schneier, B., Wagner, D., Hall, C.: Side Channel Cryptanalysis of Product Ciphers. Journal of Computer Security 8(2-3), 141–158 (2000)
Kim, N.S., Flautner, K., Blaauw, D., Mudge, T.N.: Drowsy Instruction Caches: Leakage Power Reduction using Dynamic Voltage Scaling and Cache Sub-bank Prediction. In: MICRO. International Symposium on Microarchitecture, pp. 219–230 (2002)
Kocher, P.C.: Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996)
Kocher, P.C., Jaffe, J., Jun, B.: Differential Power Analysis. In: Wiener, M.J. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)
Montgomery, P.L.: Modular Multiplication Without Trial Division. Mathematics of Computation 44, 519–521 (1985)
Osvik, D.A., Shamir, A., Tromer, E.: Cache attacks and Countermeasures: the Case of AES. Cryptology ePrint Archive, Report 2005/271 (2005)
Page, D.: Defending Against Cache Based Side-Channel Attacks. Information Security Technical Report, 8 (1), 30–44 (2003)
Page, D.: Theoretical Use of Cache Memory as a Cryptanalytic Side-Channel. Cryptology ePrint Archive, Report 2002/169 (2002)
Patterson, D.A., Hennessy, J.L.: Computer Architecture: A Quantitative Approach. Morgan Kaufmann, San Francisco (2006)
Percival, C.: Cache Missing For Fun And Profit, http://www.daemonology.net/papers/htt.pdf
Trostle, J.T.: Timing Attacks Against Trusted Path. In: IEEE Symposium on Security and Privicy, pp. 125–134. IEEE Computer Society Press, Los Alamitos (1998)
Tsunoo, Y., Saito, T., Suzaki, T., Shigeri, M., Miyauchi, H.: Cryptanalysis of DES Implemented on Computers with Cache. In: D.Walter, C., Koç, Ç.K., Paar, C. (eds.) CHES 2003. LNCS, vol. 2779, pp. 62–76. Springer, Heidelberg (2003)
Tsunoo, Y., Tsujihara, E., Minematsu, K., Miyauchi, H.: Cryptanalysis of Block Ciphers Implemented on Computers with Cache. In: ISITA. International Symposium on Information Theory and Its Applications (2002)
Powell, M., Yang, S.-H., Falsafi, B., Roy, K., Vijaykumar, T.N.: Gated-Vdd: A circuit technique to reduce leakage in deep-submicron cache memories. In: Proc. of Int. Symp. Low Power Electronics and Design (2000)
Li, Y., Parikh, D., Zhang, Y., Sankaranarayanan, K., Stan, M., Skadron, K.: State-Preserving vs. Non-State-Preserving Leakage Control in Caches. Design, Automation and Test in Europe (DATE), 22–29 (2004)
University of Michigan Sim-Panalyzer 2.0.3, http://www.eecs.umich.edu/~panalyzer/
Messerges, T.S., Dabbish, E.A., Sloan, R.H.: Power Analysis Attacks of Modular Exponentiation in Smartcards. In: Koç, Ç.K., Paar, C. (eds.) CHES 1999. LNCS, vol. 1717, pp. 144–157. Springer, Heidelberg (1999)
Koç, Ç.K., Acar, T., Kaliski, B.S.: Analyzing and Comparing Montgomery Multiplication Algorithms. IEEE Micro 16(3), 26–33 (1996)
Burger, D., Austin, T.M.: The SimpleScalar Tool Set Version 2.0. Computer Architecture News (1997)
Zhang, Y., Parikh, D., Sankaranarayanan, K., Skadron, K., Stan, M.: Hotleakage: A temperature-aware model of subthreshold and gate leakage for architects, http://lava.cs.virginia.edu/HotLeakage/
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Grabher, P., Großschädl, J., Page, D. (2007). Cryptographic Side-Channels from Low-Power Cache Memory. In: Galbraith, S.D. (eds) Cryptography and Coding. Cryptography and Coding 2007. Lecture Notes in Computer Science, vol 4887. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-77272-9_11
Download citation
DOI: https://doi.org/10.1007/978-3-540-77272-9_11
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-77271-2
Online ISBN: 978-3-540-77272-9
eBook Packages: Computer ScienceComputer Science (R0)