
Attacking AES Using Bernstein’s Attack on Modern Processors

Conference paper

Progress in Cryptology – AFRICACRYPT 2013 (AFRICACRYPT 2013)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 7918)

Abstract

The Advanced Encryption Standard (AES) was selected by NIST due to its strong resistance to classical cryptanalysis such as differential and linear cryptanalysis. Even after the appearance of modern side-channel attacks such as timing and power-consumption attacks, NIST claimed that AES is not vulnerable to timing attacks. In 2005, Bernstein [6] successfully attacked the OpenSSL AES implementation on a Pentium III processor and retrieved the full AES key using his cache-timing side-channel attack. This paper reproduces Bernstein’s attack on Pentium Dual-Core and Core 2 Duo processors. We have successfully attacked the AES implementation in the latest OpenSSL release, 1.0.1c, compiled with the most recent GCC compiler, 4.7.0, running on both Windows and Linux, in a few seconds by sending at most 2^22 plaintexts. We improved Bernstein’s first-round attack by using two-way measurements: instead of using only the above-average timing information, we added the above-minimum timing information, which significantly improved the results.


References

  1. Acıiçmez, O., Koç, Ç.K.: Trace-driven cache attacks on AES (short paper). In: Information and Communications Security, pp. 112–121 (2006)

  2. Acıiçmez, O., Koç, Ç.K.: Microarchitectural attacks and countermeasures. In: Cryptographic Engineering, pp. 475–504 (2009)

  3. Acıiçmez, O., Schindler, W., Koç, Ç.K.: Cache based remote timing attack on the AES. In: Abe, M. (ed.) CT-RSA 2007. LNCS, vol. 4377, pp. 271–286. Springer, Heidelberg (2006)

  4. Acıiçmez, O., Schindler, W., Koç, Ç.K.: Improving Brumley and Boneh timing attack on unprotected SSL implementations. In: Proceedings of the 12th ACM Conference on Computer and Communications Security, pp. 139–146. ACM (2005)

  5. Bar-El, H.: Introduction to side channel attacks, vol. 43. Discretix Technologies Ltd. (2003)

  6. Bernstein, D.J.: Cache-timing attacks on AES (2005), http://cr.yp.to/antiforgery/cachetiming-20050414.pdf

  7. Bertoni, G., Zaccaria, V., Breveglieri, L., Monchiero, M., Palermo, G.: AES power attack based on induced cache miss and countermeasure. In: International Conference on Information Technology: Coding and Computing, ITCC 2005, vol. 1, pp. 586–591. IEEE (2005)

  8. Bonneau, J.: Robust final-round cache-trace attacks against AES. Tech. rep., Citeseer (2006)

  9. Bonneau, J., Mironov, I.: Cache-collision timing attacks against AES. In: Goubin, L., Matsui, M. (eds.) CHES 2006. LNCS, vol. 4249, pp. 201–215. Springer, Heidelberg (2006)

  10. Brumley, D., Boneh, D.: Remote timing attacks are practical. In: Proceedings of the 12th USENIX Security Symposium, vol. 12, p. 1. USENIX Association (2003)

  11. Canteaut, A., Lauradoux, C., Seznec, A.: Understanding cache attacks (2006)

  12. Gallais, J., Kizhvatov, I., Tunstall, M.: Improved trace-driven cache-collision attacks against embedded AES implementations. In: Information Security Applications, pp. 243–257 (2011)

  13. Gullasch, D., Bangerter, E., Krenn, S.: Cache games – bringing access-based cache attacks on AES to practice. In: 2011 IEEE Symposium on Security and Privacy (SP), pp. 490–505. IEEE (2011)

  14. Jayasinghe, D., Fernando, J., Herath, R., Ragel, R.: Remote cache timing attack on Advanced Encryption Standard and countermeasures. In: 2010 5th International Conference on Information and Automation for Sustainability (ICIAFs), pp. 177–182. IEEE (2010)

  15. Kelsey, J., Schneier, B., Wagner, D., Hall, C.: Side channel cryptanalysis of product ciphers. In: Quisquater, J.-J., Deswarte, Y., Meadows, C., Gollmann, D. (eds.) ESORICS 1998. LNCS, vol. 1485, pp. 97–110. Springer, Heidelberg (1998)

  16. Kocher, P.C.: Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996)

  17. Lauradoux, C.: Collision attacks on processors with cache and countermeasures. In: Western European Workshop on Research in Cryptology (WEWoRC), vol. 5, pp. 76–85 (2005)

  18. MIRACL: Multiprecision Integer and Rational Arithmetic C/C++ Library. Shamus Software Ltd., Dublin, http://www.shamus.ie

  19. Mowery, K., Keelveedhi, S., Shacham, H.: Are AES x86 cache timing attacks still feasible? In: Proceedings of the 2012 ACM Workshop on Cloud Computing Security Workshop, pp. 19–24. ACM (2012)

  20. Nechvatal, J., Barker, E., Bassham, L., Burr, W., Dworkin, M., Foti, J., Roback, E.: Report on the development of the Advanced Encryption Standard (AES). Journal of Research of the National Institute of Standards and Technology 106(3) (2001), http://archive.org/details/jresv106n3p511

  21. Neve, M., Seifert, J.-P.: Advances on access-driven cache attacks on AES. In: Biham, E., Youssef, A.M. (eds.) SAC 2006. LNCS, vol. 4356, pp. 147–162. Springer, Heidelberg (2007)

  22. Neve, M., Seifert, J.-P., Wang, Z.: Cache time-behavior analysis on AES. In: Selected Area of Cryptology (2006)

  23. Neve, M., Seifert, J.-P., Wang, Z.: A refined look at Bernstein’s AES side-channel analysis. In: Proceedings of the 2006 ACM Symposium on Information, Computer and Communications Security, pp. 369–369. ACM (2006)

  24. O’Hanlon, M., Tonge, A.: Investigation of cache timing attacks on AES. School of Computing, Dublin City University (2005)

  25. OpenSSL: The open source toolkit for SSL/TLS, http://www.openssl.org

  26. Osvik, D.A., Shamir, A., Tromer, E.: Cache attacks and countermeasures: The case of AES. In: Pointcheval, D. (ed.) CT-RSA 2006. LNCS, vol. 3860, pp. 1–20. Springer, Heidelberg (2006)

  27. Page, D.: Theoretical use of cache memory as a cryptanalytic side-channel. Tech. rep., Citeseer (2002)

  28. Page, D.: Defending against cache-based side-channel attacks. Information Security Technical Report 8(1), 30–44 (2003)

  29. Percival, C.: Cache missing for fun and profit. In: BSDCan 2005 (2005)

  30. Rebeiro, C., Mondal, M., Mukhopadhyay, D.: Pinpointing cache timing attacks on AES. In: 23rd International Conference on VLSI Design, VLSID 2010, pp. 306–311. IEEE (2010)

  31. Rijmen, V., Bosselaers, A., Barreto, P.: Optimised ANSI C code for the Rijndael cipher (now AES). Public domain software (2000), http://fastcrypto.org/front/misc/rijndael-alg-fst.c

  32. Tiri, K., Acıiçmez, O., Neve, M., Andersen, F.: An analytical model for time-driven cache attacks. In: Biryukov, A. (ed.) FSE 2007. LNCS, vol. 4593, pp. 399–413. Springer, Heidelberg (2007)

  33. Tromer, E., Osvik, D.A., Shamir, A.: Efficient cache attacks on AES, and countermeasures. Journal of Cryptology 23(1), 37–71 (2009)

  34. Tsunoo, Y.: Cryptanalysis of block ciphers implemented on computers with cache. In: Preproceedings of ISITA 2002 (2002)

  35. Tsunoo, Y., Saito, T., Suzaki, T., Shigeri, M., Miyauchi, H.: Cryptanalysis of DES implemented on computers with cache. In: Walter, C.D., Koç, Ç.K., Paar, C. (eds.) CHES 2003. LNCS, vol. 2779, pp. 62–76. Springer, Heidelberg (2003)

  36. Zhao, X., Wang, T.: Improved cache trace attack on AES and CLEFIA by considering cache miss and S-box misalignment. Tech. rep., Cryptology ePrint Archive, Report 2010/056 (2010)

  37. Zhao, X., Wang, T., Dong, M., Yuanyuan, Z., Zhaoyang, L.: Robust first two rounds access driven cache timing attack on AES. In: 2008 International Conference on Computer Science and Software Engineering, vol. 3, pp. 785–788. IEEE (2008)


Copyright information

© 2013 Springer-Verlag Berlin Heidelberg


Cite this paper

Aly, H., ElGayyar, M. (2013). Attacking AES Using Bernstein’s Attack on Modern Processors. In: Youssef, A., Nitaj, A., Hassanien, A.E. (eds) Progress in Cryptology – AFRICACRYPT 2013. AFRICACRYPT 2013. Lecture Notes in Computer Science, vol 7918. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-38553-7_7


  • DOI: https://doi.org/10.1007/978-3-642-38553-7_7

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-38552-0

  • Online ISBN: 978-3-642-38553-7

  • eBook Packages: Computer Science (R0)
