Abstract
Cache attacks are a special form of implementation attack and exploit weaknesses in the implementation of a specific algorithm. We demonstrate an access-driven cache attack based on the analysis of the memory-access patterns caused by the T-table accesses of the Advanced Encryption Standard (AES). Based on the work of Tromer et al. [20], we gather the cache-memory access patterns of AES T-table implementations and perform a pattern-matching attack in order to recover the secret key in use. These T-tables usually do not start at memory addresses that map to the beginning of a cache line. Focusing on such disaligned AES T-tables thus allows us to recover the whole secret key by considering only the first round of AES. We apply the presented cache attack to a Google Nexus S smartphone, which employs a Cortex-A8 processor and runs a fully functioning operating system. The attack is implemented purely in software, and the only requirement is a rooted mobile device. To the best of our knowledge, we are the first to launch an access-driven attack on an ARM Cortex-A processor. Based on our observations of the gathered access patterns, we also present an enhancement which in some cases allows us to recover the secret key without a subsequent brute-force key search.
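The following leakage model is an added illustration of the abstract's central point and is not code from the paper or its authors. It assumes 64-byte cache lines, 4-byte T-table entries (16 entries per line) and an idealised, noise-free observer who learns which table lines were touched during an encryption and knows the plaintext; all of these are constructed assumptions. In the first AES round each lookup index is p_i XOR k_i, so the model asks how many key-byte candidates remain indistinguishable from the true one for a given table offset. It generalises from the single aligned/disaligned contrast in the text to arbitrary byte offsets.

```python
"""
Added leakage model (not the paper's code): how much of each AES key byte a
first-round T-table access pattern reveals, depending on where the table
starts relative to a cache-line boundary.

Assumptions (constructed for this example, not taken from the paper):
  * 64-byte cache lines and 4-byte T-table entries, i.e. 16 entries per line;
  * an idealised, noise-free observer who learns, for every encryption, the
    set of table cache lines touched, and who knows the plaintext.
In round 1 the lookup index is p_i XOR k_i, so once the plaintext byte is
known the observed line is a function of the key byte alone.
"""
from math import log2

LINE_SIZE = 64          # bytes per cache line (assumption)
ENTRY_SIZE = 4          # bytes per T-table entry (32-bit words)
TABLE_ENTRIES = 256     # one AES T-table has 256 entries


def line_of(index, offset):
    """Cache line, counted from the line holding the table start, that holds
    T[index] when the table begins `offset` bytes past a line boundary."""
    return (offset + index * ENTRY_SIZE) // LINE_SIZE


def signature(key_byte, offset):
    """Line touched by the first-round lookup for every plaintext byte value.
    Two key candidates with the same signature cannot be told apart from
    first-round access patterns, however many encryptions are observed."""
    return tuple(line_of(p ^ key_byte, offset) for p in range(TABLE_ENTRIES))


def indistinguishable_candidates(key_byte, offset):
    """Key-byte candidates producing exactly the same line pattern as key_byte."""
    target = signature(key_byte, offset)
    return [k for k in range(256) if signature(k, offset) == target]


def remaining_key_bits(offset):
    """Key bits that first-round access patterns leave unresolved for a full
    16-byte AES key. The class size is the same for every key byte because
    equivalence depends only on the XOR difference between candidates."""
    per_byte = len(indistinguishable_candidates(0, offset))
    return int(16 * log2(per_byte))


def filter_candidates(observations, offset):
    """Pattern-matching step for one key byte: keep the candidates consistent
    with a list of (plaintext_byte, set_of_lines_touched) observations."""
    candidates = set(range(256))
    for p, touched in observations:
        candidates = {k for k in candidates if line_of(p ^ k, offset) in touched}
    return sorted(candidates)


def simulate_observations(true_key_byte, plaintext_bytes, offset):
    """Constructed observations: what the idealised observer would record for
    a table at `offset` (only this byte's own lookup is included)."""
    return [(p, {line_of(p ^ true_key_byte, offset)}) for p in plaintext_bytes]


if __name__ == "__main__":
    for off in (0, 4, 32):
        cands = len(indistinguishable_candidates(0x3C, off))
        print(f"table offset {off:2d} B: {cands:2d} candidates per key byte, "
              f"{remaining_key_bits(off)} key bits left for brute force")
    obs = simulate_observations(0x3C, range(256), 4)
    print("offset 4 B, all plaintext bytes observed ->", filter_candidates(obs, 4))
```

With an aligned table every key byte keeps 16 indistinguishable candidates (the low nibble is never exposed in round 1), which is the classic 64-bit residue a brute-force search must cover; a table shifted by a single entry leaves one candidate per byte, matching the abstract's claim that disaligned tables give up the whole key in the first round. Offsets that are multiples of several entries fall in between. The defensive reading is that forcing cache-line alignment only brings first-round leakage back down to the aligned case in this model; it does not make the lookups cache-silent.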
References
[1] Acıiçmez, O., Koç, Ç.K.: Trace-Driven Cache Attacks on AES. IACR Cryptology ePrint Archive, 2006:138 (2006)
[2] ARM Ltd.: ARM Architecture Reference Manual, ARMv7-A and ARMv7-R ed., ARM DDI 0406A (April 2007)
[3] ARM Ltd.: ARM Technical Reference Manual, Cortex-A8, Revision r3p2, ARM DDI 0344K (May 2010)
[4] ARM Ltd.: Cortex-A Series Programmer's Guide, Version 2.0 (August 2011)
[5] ARM Ltd.: Cortex-A Series (2012), http://www.arm.com/products/processors/cortex-a/index.php
[6] Bernstein, D.J.: Cache-timing attacks on AES (April 2005), http://cr.yp.to/antiforgery/cachetiming-20050414.pdf
[7] Bertoni, G., Zaccaria, V., Breveglieri, L., Monchiero, M., Palermo, G.: AES Power Attack Based on Induced Cache Miss and Countermeasure. In: Information Technology: Coding and Computing, ITCC 2005, vol. 1, pp. 586–591. IEEE Computer Society (2005)
[8] Bogdanov, A., Eisenbarth, T., Paar, C., Wienecke, M.: Differential Cache-Collision Timing Attacks on AES with Applications to Embedded CPUs. In: Pieprzyk, J. (ed.) CT-RSA 2010. LNCS, vol. 5985, pp. 235–251. Springer, Heidelberg (2010)
[9] Bonneau, J., Mironov, I.: Cache-Collision Timing Attacks Against AES. In: Goubin, L., Matsui, M. (eds.) CHES 2006. LNCS, vol. 4249, pp. 201–215. Springer, Heidelberg (2006)
[10] Gallais, J.-F., Kizhvatov, I.: Error-Tolerance in Trace-Driven Cache Collision Attacks. In: International Workshop on Constructive Side-Channel Analysis and Secure Design, COSADE 2011, pp. 222–232 (2011)
[11] Gullasch, D., Bangerter, E., Krenn, S.: Cache Games – Bringing Access-Based Cache Attacks on AES to Practice. In: IEEE Symposium on Security and Privacy, SP 2011, pp. 490–505. IEEE Computer Society (2011)
[12] Kelsey, J., Schneier, B., Wagner, D., Hall, C.: Side Channel Cryptanalysis of Product Ciphers. Journal of Computer Security 8(2-3), 141–158 (2000)
[13] Kocher, P.C.: Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996)
[14] Lauradoux, C.: Collision attacks on processors with cache and countermeasures. In: Western European Workshop on Research in Cryptology, WEWoRC 2005, pp. 76–85 (2005)
[15] National Institute of Standards and Technology (NIST): FIPS-197: Advanced Encryption Standard (November 2001), http://www.itl.nist.gov/fipspubs/
[16] Neve, M., Seifert, J.-P.: Advances on Access-Driven Cache Attacks on AES. In: Biham, E., Youssef, A.M. (eds.) SAC 2006. LNCS, vol. 4356, pp. 147–162. Springer, Heidelberg (2007)
[17] OpenSSL Software Foundation: OpenSSL Project (2012), http://www.openssl.org/
[18] Page, D.: Theoretical Use of Cache Memory as a Cryptanalytic Side-Channel. Technical Report CSTR-02-003, University of Bristol, Department of Computer Science (June 2002), http://www.cs.bris.ac.uk/Publications/Papers/1000625.pdf
[19] Rebeiro, C., Poddar, R., Datta, A., Mukhopadhyay, D.: An Enhanced Differential Cache Attack on CLEFIA for Large Cache Lines. In: Bernstein, D.J., Chatterjee, S. (eds.) INDOCRYPT 2011. LNCS, vol. 7107, pp. 58–75. Springer, Heidelberg (2011)
[20] Tromer, E., Osvik, D.A., Shamir, A.: Efficient Cache Attacks on AES, and Countermeasures. Journal of Cryptology 23(1), 37–71 (2010)
[21] Tsunoo, Y., Saito, T., Suzaki, T., Shigeri, M., Miyauchi, H.: Cryptanalysis of DES Implemented on Computers with Cache. In: Walter, C.D., Koç, Ç.K., Paar, C. (eds.) CHES 2003. LNCS, vol. 2779, pp. 62–76. Springer, Heidelberg (2003)
[22] Tsunoo, Y., Tsujihara, E., Minematsu, K., Miyauchi, H.: Cryptanalysis of Block Ciphers Implemented on Computers with Cache. In: International Symposium on Information Theory and Its Applications, ISITA (October 2002)
[23] Weiß, M., Heinz, B., Stumpf, F.: A Cache Timing Attack on AES in Virtualization Environments. In: Keromytis, A.D. (ed.) FC 2012. LNCS, vol. 7397, pp. 314–328. Springer, Heidelberg (2012)
[24] Zhao, X., Wang, T.: Improved Cache Trace Attack on AES and CLEFIA by Considering Cache Miss and S-box Misalignment. IACR Cryptology ePrint Archive 2010, 56 (2010)
[25] Zhao, X., Wang, T., Mi, D., Zheng, Y., Lun, Z.: Robust First Two Rounds Access Driven Cache Timing Attack on AES. In: International Conference on Computer Science and Software Engineering, CSSE 2008, pp. 785–788. IEEE Computer Society (2008)
[26] Zhao, X., Wang, T., Zheng, Y.: Cache Timing Attacks on Camellia Block Cipher. IACR Cryptology ePrint Archive 2009, 354 (2009)
Copyright information
© 2013 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Spreitzer, R., Plos, T. (2013). Cache-Access Pattern Attack on Disaligned AES T-Tables. In: Prouff, E. (eds) Constructive Side-Channel Analysis and Secure Design. COSADE 2013. Lecture Notes in Computer Science, vol 7864. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-40026-1_13
DOI: https://doi.org/10.1007/978-3-642-40026-1_13
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-40025-4
Online ISBN: 978-3-642-40026-1