Abstract
Cache timing attacks are a class of side-channel attacks that is applicable against certain software implementations. They have generated significant interest when demonstrated against the Advanced Encryption Standard (AES), but have more recently also been applied against other cryptographic primitives.
In this paper, we give a cache timing cryptanalysis of stream ciphers using word-based linear feedback shift registers (LFSRs), such as Snow, Sober, Turing, or Sosemanuk. Fast implementations of such ciphers use tables that can be the target for a cache timing attack. Assuming that a small number of noise-free cache timing measurements are possible, we describe a general framework showing how the LFSR state for any such cipher can be recovered using very little computational effort. For the ciphers mentioned above, we show how this knowledge can be turned into efficient cache-timing attacks against the full ciphers.
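The abstract's central observation is that fast implementations of word-based LFSRs realise multiplication of a state word by a fixed field element through a lookup table indexed by part of that word, and that this lookup is what a cache timing measurement observes. The C code below is an added illustration and is not code from the paper or from SNOW, SOBER, Turing or SOSEMANUK. It builds a SNOW-style multiply-by-alpha of the form (x << 8) ^ T[x >> 24] over a constructed GF((2^8)^4) with made-up reduction coefficients C3..C0 (whether that polynomial is irreducible only changes which ring you get, not the access pattern, so no claim is made), exposes the leakage model a defender should assume for the table version (the cache line touched, assuming 64-byte lines and a line-aligned table), and gives a constant-time replacement that computes the identical result with no secret-indexed memory access.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* GF(2^8) with reduction polynomial x^8 + x^4 + x^3 + x + 1 (0x11b).
 * Constructed choice for this example; the paper's ciphers use their own fields. */
#define GF256_POLY 0x1b

/* Constant-time GF(2^8) multiply: every iteration does the same work and
 * the conditional reduction is a mask, not a branch or a table lookup. */
static uint8_t gf256_mul_ct(uint8_t a, uint8_t b)
{
    uint8_t r = 0;
    for (int i = 0; i < 8; i++) {
        r ^= a & (uint8_t)-(b & 1);             /* add a if bit i of b is set */
        uint8_t carry = (uint8_t)-(a >> 7);     /* 0x00 or 0xFF */
        a = (uint8_t)((a << 1) ^ (GF256_POLY & carry));
        b >>= 1;
    }
    return r;
}

/* Coefficients of y^4 = C3*y^3 + C2*y^2 + C1*y + C0 over GF(2^8).
 * Constructed values, not the constants of any cipher named in the paper. */
#define C3 0x23
#define C2 0x67
#define C1 0xA5
#define C0 0x0E

/* A state word packs (a3, a2, a1, a0) as a3<<24 | a2<<16 | a1<<8 | a0.
 * Multiplying by y shifts the bytes up one position and folds a3 back
 * through the reduction: each folded byte is a3 times one coefficient. */
static uint32_t fold_top_byte_ct(uint8_t a3)
{
    return ((uint32_t)gf256_mul_ct(a3, C3) << 24) |
           ((uint32_t)gf256_mul_ct(a3, C2) << 16) |
           ((uint32_t)gf256_mul_ct(a3, C1) << 8)  |
            (uint32_t)gf256_mul_ct(a3, C0);
}

/* Constant-time multiply-by-alpha: no memory address depends on x. */
uint32_t mul_alpha_ct(uint32_t x)
{
    return (x << 8) ^ fold_top_byte_ct((uint8_t)(x >> 24));
}

/* The fast, table-driven form: (x << 8) ^ T[x >> 24].
 * T holds 256 words = 1 KiB, i.e. 16 cache lines of 64 bytes. */
static uint32_t T[256];
static int T_ready = 0;

static void build_table(void)
{
    for (int b = 0; b < 256; b++)
        T[b] = fold_top_byte_ct((uint8_t)b);
    T_ready = 1;
}

uint32_t mul_alpha_table(uint32_t x)
{
    if (!T_ready) build_table();
    return (x << 8) ^ T[x >> 24];   /* index = top byte of the secret state word */
}

/* Leakage model for the table version: the cache line the lookup touches.
 * Assumes 64-byte lines and T aligned to a line boundary (example assumptions).
 * The line index equals (x >> 24) / 16, so an observer of the line learns the
 * top 4 bits of the state byte; this per-lookup information is the kind of
 * measurement the paper's framework turns into LFSR state recovery. */
unsigned leaked_line(uint32_t x)
{
    return (unsigned)(((x >> 24) * sizeof(uint32_t)) / 64);
}

/* Cross-check: the constant-time replacement must match the table version
 * for every top byte, with the low bytes varied, so it can be dropped in
 * without changing the keystream. */
int implementations_agree(void)
{
    for (uint32_t top = 0; top < 256; top++)
        for (uint32_t low = 0; low < 0x1000000u; low += 0x10203u)
            if (mul_alpha_table((top << 24) | low) != mul_alpha_ct((top << 24) | low))
                return 0;
    return 1;
}

int main(void)
{
    uint32_t x = 0x12345678u;   /* constructed sample state word */
    printf("table: %08x  ct: %08x  line touched by table lookup: %u\n",
           (unsigned)mul_alpha_table(x), (unsigned)mul_alpha_ct(x), leaked_line(x));
    printf("all inputs agree: %d\n", implementations_agree());
    return 0;
}
```

The point of the pairing is that the two functions are interchangeable in the cipher while only one of them has a memory access pattern that depends on the state; the constant-time version costs four byte multiplications per word, which is the price the paper's attack model argues is worth paying where the table would otherwise be observable.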
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
Cite this paper
Leander, G., Zenner, E., Hawkes, P. (2009). Cache Timing Analysis of LFSR-Based Stream Ciphers. In: Parker, M.G. (eds) Cryptography and Coding. IMACC 2009. Lecture Notes in Computer Science, vol 5921. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-10868-6_26
DOI: https://doi.org/10.1007/978-3-642-10868-6_26
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-10867-9
Online ISBN: 978-3-642-10868-6
eBook Packages: Computer Science, Computer Science (R0)