Skip to main content
SpringerLink
Log in

IPA: an Instruction Profiling–Based Micro-architectural Side-Channel Attack on Block Ciphers

  • Published:
Journal of Hardware and Systems Security Aims and scope Submit manuscript

Abstract

Hardware performance counters (HPCs) are present in most modern processors and provide an interface to user-level processes to monitor their performance in terms of the number of micro-architectural events, executed during the process execution. In this paper, we analyze the leakage from these HPC events and present a new micro-architectural side-channel attack that observes the number of instruction counts during the execution of an encryption algorithm as side-channel information to recover the secret key. This paper explores the fact that the instruction counts can act as a side channel and then describes the instruction profiling attack (IPA) methodology with the help of two block ciphers, namely AES and CLEFIA, on Intel and AMD processors. We follow the principles of profiled instruction attacks and show that the proposed attack is more potent than the well-known cache timing attacks in literature. We also perform experiments on ciphers implemented with popular time fuzzing schemes to subvert timing attacks. Our results show that while the countermeasure successfully stops leakages through the timing channels, it is vulnerable to the instruction profiling attack. We validate our claims by detailed experiments on contemporary Intel and AMD platforms to demonstrate that seemingly benign instruction counts can serve as side channels even for block cipher implementations that are hardened against timing attacks. In addition to it, we present detailed experimentation to analyze the rationale behind the attack and also explore the performance of IPA on a countermeasure designed to subvert the cache-based attacks considering a case study on CLEFIA.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7

Similar content being viewed by others

References

  1. Aciiċmez O (2007) Yet another microarchitectural attack:: exploiting i-cache. In: Proceedings of the 2007 ACM workshop on computer security architecture, pp 11–18. ACM

  2. Acıiċmez O, Schindler W, Koċ ĊK (2007) Cache based remote timing attack on the aes. In: Cryptographers’ track at the RSA conference, pp 271–286. Springer

  3. Barreto P. (2003) The aes block cipher in c++. website

  4. Bernstein DJ (2005) Cache-timing attacks on aes

  5. Bhattacharya S, Rebeiro C, Mukhopadhyay D (2013) Unraveling timewarp: What all the fuzz is about?. In: Proceedings of the 2nd International Workshop on Hardware and Architectural Support for Security and Privacy, pp 8. ACM

  6. Cox M, Engelschall R, Henson S, Laurie B et al (2002) The openssl project. Google Scholar

  7. Dongarra J, Jagode H, Moore S, Mucci P, Ralph J, Terpstra D, Weaver V Performance application programming interface

  8. Granger R, Page D, Stam M (2005) Hardware and software normal basis arithmetic for pairing-based cryptography in characteristic three. IEEE Trans Comput 54(7):852–860

    Article  Google Scholar 

  9. Guide P (2011) Intel® 64 and ia-32 architectures software developer’s manual. Volume 3B: System programming Guide, Part 2

  10. Levon J, Elie P (2004) Oprofile: a system profiler for linux

  11. Liu F, Yarom Y, Ge Q, Heiser G, Lee RB (2015) Last-level cache side-channel attacks are practical. In: 2015 IEEE symposium on security and privacy (SP), pp 605–622. IEEE

  12. Martin R, Demme J, Sethumadhavan S (2012) Timewarp: rethinking timekeeping and performance monitoring mechanisms to mitigate side-channel attacks. pp 118–129. ACM

  13. Mukhopadhyay D, Chakraborty RS (2014) Hardware security: design, threats, and safeguards. Chapman and Hall/CRC, Boca Raton

    Book  Google Scholar 

  14. Neve M, Seifert JP, Wang Z (2006) A refined look at bernstein’s aes side-channel analysis. In: Proceedings of the 2006 ACM symposium on information, computer and communications security, pp 369–369. ACM

  15. Nyberg K (1996) Generalized feistel networks. In: International conference on the theory and application of cryptology and information security, pp 91–104. Springer

  16. Osvik DA, Shamir A, Tromer E (2006) Cache attacks and countermeasures: the case of aes. In: Cryptographers’ track at the RSA conference, pp 1–20. Springer

  17. Paar C (1994) Efficient vlsi architectures for bit-parallel computation in galois fields. PhD Thesis, Inst. for Experimental Math., Univ. of Essen

  18. Rebeiro C, Mondal M, Mukhopadhyay D. (2010) Pinpointing cache timing attacks on aes. In: 23rd international conference on VLSI design, 2010. VLSID’10., pp 306–311. IEEE

  19. Rebeiro C, Mukhopadhyay D (2011) Cryptanalysis of clefia using differential methods with cache trace patterns. In: Cryptographers’ track at the RSA conference, pp 89–103. Springer

  20. Rebeiro C, Mukhopadhyay D, Bhattacharya S (2014) Timing channels in cryptography: a micro-architectural perspective. Springer

  21. Rebeiro C, Mukhopadhyay D, Takahashi J, Fukunaga T (2009) Cache timing attacks on clefia. In: International conference on cryptology in India, pp 104–118. Springer

  22. Shirai T, Shibutani K, Akishita T, Moriai S, Iwata T (2007) The 128-bit blockcipher clefia. In: International workshop on fast software encryption, pp 181–195. Springer

  23. Standaert FX, Malkin TG, Yung M (2009) A unified framework for the analysis of side-channel key recovery attacks. In: Annual international conference on the theory and applications of cryptographic techniques, pp 443–461. Springer

  24. Standard AE (2001) Federal information processing standards publication 197. FIPS PUB, pp 46–3

  25. Wang X, Karri R (2013) Numchecker: detecting kernel control-flow modifying rootkits by using hardware performance counters. In: 2013 50th ACM/EDAC/IEEE design automation conference (DAC), pp 1–7. IEEE

  26. Wang X, Karri R (2016) Reusing hardware performance counters to detect and identify kernel control-flow modifying rootkits. IEEE Trans Comput Aided Des Integr Circuits Syst 35(3):485– 498

    Article  Google Scholar 

  27. Wang X, Konstantinou C, Maniatakos M, Karri R (2015) Confirm: Detecting firmware modifications in embedded systems using hardware performance counters. In: Proceedings of the IEEE/ACM international conference on computer-aided design, pp 544–551. IEEE Press

  28. Wiki P (2015) perf: Linux profiling with performance counters

Download references

Author information

Authors and Affiliations

  1. Indian Institute of Technology Kharagpur, Kharagpur, India

    Manaar Alam, Sarani Bhattacharya, Sayan Sinha & Debdeep Mukhopadhyay

  2. Indian Institute of Technology Madras, Chennai, India

    Chester Rebeiro

Authors
  1. Manaar Alam
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Sarani Bhattacharya
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Sayan Sinha
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Chester Rebeiro
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Debdeep Mukhopadhyay
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Manaar Alam.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Alam, M., Bhattacharya, S., Sinha, S. et al. IPA: an Instruction Profiling–Based Micro-architectural Side-Channel Attack on Block Ciphers. J Hardw Syst Secur 3, 26–44 (2019). https://doi.org/10.1007/s41635-018-0060-3

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s41635-018-0060-3

Keywords

Search

Navigation