Abstract
We show in this paper that the isolation characteristic of system virtualization can be bypassed by the use of a cache timing attack. Using Bernstein’s correlation in this attack, an adversary is able to extract sensitive keying material from an isolated trusted execution domain. We demonstrate this cache timing attack on an embedded ARM-based platform running an L4 microkernel as the virtualization layer. An attacker who has gained access to the untrusted domain can extract the key of an AES-based authentication protocol used for a financial transaction. We provide measurements for different public domain AES implementations. Our results indicate that cache timing attacks are highly relevant in virtualization-based security architectures, such as trusted execution environments.
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Weiß, M., Heinz, B., Stumpf, F. (2012). A Cache Timing Attack on AES in Virtualization Environments. In: Keromytis, A.D. (eds) Financial Cryptography and Data Security. FC 2012. Lecture Notes in Computer Science, vol 7397. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-32946-3_23
DOI: https://doi.org/10.1007/978-3-642-32946-3_23
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-32945-6
Online ISBN: 978-3-642-32946-3
eBook Packages: Computer Science, Computer Science (R0)