AES power attack based on induced cache miss and countermeasure

@article{Bertoni2005AESPA,
  title={AES power attack based on induced cache miss and countermeasure},
  author={Guido Bertoni and Vittorio Zaccaria and Luca Breveglieri and Matteo Monchiero and Gianluca Palermo},
  journal={International Conference on Information Technology: Coding and Computing (ITCC'05) - Volume II},
  year={2005},
  volume={1},
  pages={586--591}
}
  • G. Bertoni, V. Zaccaria, L. Breveglieri, M. Monchiero, G. Palermo
  • Published 4 April 2005
  • Computer Science
  • International Conference on Information Technology: Coding and Computing (ITCC'05) - Volume II
This paper presents a new attack against a software implementation of the Advanced Encryption Standard. The attack aims at flushing elements of the SBOX from the cache, thus inducing a cache miss during the encryption phase. The power trace is then used to detect when the cache miss occurs; if the miss happens in the first round of the AES then the information can be used to recover part of the secret key. The attack has been simulated using the Wattch simulation framework and a simple software… 
Cache Based Power Analysis Attacks on AES
This paper describes possible attacks against software implementations of AES running on processors with cache mechanisms, particularly in the case of smart cards. These attacks are based on
Analysis of countermeasures against access driven cache attacks on AES
TLDR
This paper describes the property a permutation must have in order to prevent the leakage of some key bits through CBAs, and shows that random permutations used in a straightforward manner are not enough to protect against CBAs.
Cache-Collision Timing Attacks Against AES
TLDR
The most powerful attack has been shown under optimal conditions to reliably recover a full 128-bit AES key with 2^13 timing samples, an improvement of almost four orders of magnitude over the best previously published attacks of this type.
Improved Trace-Driven Cache-Collision Attacks against Embedded AES Implementations
TLDR
Two attacks that exploit cache events, which are visible in some side channel, to derive a secret key used in an implementation of AES, using a new known-plaintext attack that can recover a 128-bit key with approximately 30 measurements to reduce the number of key hypotheses to 2^30.
Improving cache attacks by considering cipher structure
TLDR
This paper provides a cache attack in which the averaging method is embodied, provides improved key estimation, and includes a study of the attack that exploits internal collisions.
INVESTIGATION OF CACHE-TIMING ATTACKS ON AES
The Advanced Encryption Standard (AES), also known as Rijndael, has been designed to have very strong resistance against the classical approximation attacks, such as linear cryptanalysis,
Cache Timing Analysis of RC4
TLDR
A new state recovery analysis on RC4 using a belief propagation algorithm that works well and its soundness is proved for known or unknown plaintext and only requires that the attacker queries the RC4 encryption process byte by byte for a practical attack.
Trace-Driven Cache Attacks on AES (Short Paper)
TLDR
This paper presents an efficient trace-driven cache attack on a widely used implementation of the AES cryptosystem, and develops an accurate mathematical model that is used in the cost analysis of the attack.
An Enhanced Differential Cache Attack on CLEFIA for Large Cache Lines
TLDR
An enhanced cache trace attack on CLEFIA is presented using the differential property of the s-boxes of the cipher and the diffusion properties of the linear transformations of the underlying Feistel structures to show the effectiveness of power and timing side-channels in deducing cache access patterns.
Trace-Driven Cache Attacks on AES
TLDR
This paper presents efficient trace-driven cache attacks on a widely used implementation of the AES cryptosystem and develops an accurate mathematical model that is used in the cost analysis of the attacks.

References

Cryptanalysis of DES Implemented on Computers with Cache
TLDR
The results of applying an attack against the Data Encryption Standard (DES) implemented in some applications, using side-channel information based on CPU delay as proposed in (11), found that the cipher can be broken with 2 known plaintexts and 2^24 calculations at a success rate > 90%, using a personal computer with a 600-MHz Pentium III.
Theoretical Use of Cache Memory as a Cryptanalytic Side-Channel
  • D. Page
  • Computer Science
    IACR Cryptol. ePrint Arch.
  • 2002
TLDR
An attack is described which encrypts 2 chosen plaintexts on the target processor in order to collect cache profiles and then performs around 2 computational steps to recover the key.
Side Channel Cryptanalysis of Product Ciphers
TLDR
The notion of side-channel cryptanalysis (cryptanalysis using implementation data) is introduced, and side-channel attacks against three product ciphers are demonstrated and generalized to other cryptosystems.
Challenges for architectural level power modeling
The power aware design of microprocessors is becoming increasingly important. Power aware design can best be achieved by considering the impact of architectural choices on power early in the design
Evaluating Future Microprocessors: the SimpleScalar Tool Set
TLDR
An overview of the SimpleScalar tool set is given, showing how to obtain, install and use it, and details about the tools' internals are discussed.
Computer Architecture: A Quantitative Approach
This best-selling title, considered for over a decade to be essential reading for every serious student and practitioner of computer design, has been updated throughout to address the most important
Department of Commerce/National Institute of Standard and Technology. FIPS PUB 197, Specification for the Advanced Encryption Standard (AES)
  • 2001