DOI: 10.1145/2487726.2487734
research-article

Unraveling timewarp: what all the fuzz is about?

Published: 23 June 2013

Abstract

Timing attacks are a threat to networked computing systems, especially the emerging cloud computing infrastructures. The precision timestamp counters present in modern microprocessors are a popular side-channel source of timing information. These counters can measure the timing variability caused by microarchitectural effects, such as cache access patterns and branch mispredictions, and have been routinely used to demonstrate practical attacks against well-known ciphers. Recently, researchers have attempted to inhibit precision timing measurements by fuzzing the timestamp through a time-warped mechanism. In this paper, we demonstrate that, in spite of fuzzing time, timing attacks are still possible.

Published In

HASP '13: Proceedings of the 2nd International Workshop on Hardware and Architectural Support for Security and Privacy
June 2013
77 pages
ISBN:9781450321181
DOI:10.1145/2487726

Publisher

Association for Computing Machinery

New York, NY, United States


Author Tags

  1. cache attacks
  2. time-fuzzying
  3. timewarp
  4. timing attack

Qualifiers

  • Research-article

Conference

HASP '13

Acceptance Rates

HASP '13 Paper Acceptance Rate 9 of 13 submissions, 69%;
Overall Acceptance Rate 9 of 13 submissions, 69%

Cited By

  • (2023) Toward an Optimal Countermeasure for Cache Side-Channel Attacks. IEEE Embedded Systems Letters, 15:3 (141-144). DOI: 10.1109/LES.2022.3196499. Online publication date: Sep-2023
  • (2019) SMT-COP: Defeating Side-Channel Attacks on Execution Units in SMT Processors. Proceedings of the International Conference on Parallel Architectures and Compilation Techniques (43-54). DOI: 10.1109/PACT.2019.00012. Online publication date: 23-Sep-2019
  • (2018) IPA: an Instruction Profiling–Based Micro-architectural Side-Channel Attack on Block Ciphers. Journal of Hardware and Systems Security. DOI: 10.1007/s41635-018-0060-3. Online publication date: 12-Dec-2018
  • (2017) Tackling the Time-Defence: An Instruction Count Based Micro-architectural Side-Channel Attack on Block Ciphers. Security, Privacy, and Applied Cryptography Engineering (30-52). DOI: 10.1007/978-3-319-71501-8_3. Online publication date: 22-Nov-2017
  • (2016) Jump over ASLR. The 49th Annual IEEE/ACM International Symposium on Microarchitecture (1-13). DOI: 10.5555/3195638.3195686. Online publication date: 15-Oct-2016
  • (2016) Jump over ASLR: Attacking branch predictors to bypass ASLR. 2016 49th Annual IEEE/ACM International Symposium on Microarchitecture (MICRO) (1-13). DOI: 10.1109/MICRO.2016.7783743. Online publication date: Oct-2016
