Corpus ID: 850114

Theoretical Use of Cache Memory as a Cryptanalytic Side-Channel

@article{Page2002TheoreticalUO,
  title={Theoretical Use of Cache Memory as a Cryptanalytic Side-Channel},
  author={D. Page},
  journal={IACR Cryptol. ePrint Arch.},
  year={2002},
  volume={2002},
  pages={169}
}
  • D. Page
  • Published 2002
  • Computer Science
  • IACR Cryptol. ePrint Arch.
We expand on the idea, proposed by Kelsey et al. [?], of cache memory being used as a side-channel which leaks information during the run of a cryptographic algorithm. By using this side-channel, an attacker may be able to reveal or narrow the possible values of secret information held on the target device. We describe an attack which encrypts 2 chosen plaintexts on the target processor in order to collect cache profiles and then performs around 2 computational steps to recover the key. As well…
Efficient Cache Attacks on AES, and Countermeasures
TLDR
An extremely strong type of attack is demonstrated, which requires knowledge of neither the specific plaintexts nor ciphertexts and works by merely monitoring the effect of the cryptographic process on the cache.
INVESTIGATION OF CACHE-TIMING ATTACKS ON AES
The Advanced Encryption Standard (AES), also known as Rijndael, has been designed to have very strong resistance against the classical approximation attacks, such as linear cryptanalysis,…
Cache Attacks and Countermeasures: The Case of AES
TLDR
An extremely strong type of attack is demonstrated, which requires knowledge of neither the specific plaintexts nor ciphertexts, and works by merely monitoring the effect of the cryptographic process on the cache.
Measurement program: Investigation on cache-timing attack
TLDR
This paper is investigating cache-timing attacks, and shows some experimental results that motivated it to develop a portable measurement program for such attacks.
Cryptanalysis of DES Implemented on Computers with Cache
TLDR
The results of applying an attack against the Data Encryption Standard (DES) implemented in some applications, using side-channel information based on CPU delay as proposed in (11), found that the cipher can be broken with 2 known plaintexts and 2^24 calculations at a success rate > 90%, using a personal computer with 600-MHz Pentium III.
Cache Storage Attacks
TLDR
This paper introduces a new storage channel made available through cache debug facilities on some embedded microprocessors and is then extended to a cryptanalytic side-channel attack on AES software.
Cryptographic Side-Channels from Low-Power Cache Memory
TLDR
This work introduces a new attack within this class which targets the use of low power cache memories, showing that they permit attack where a more considered design strategy would not.
Cryptanalysis of CLEFIA Using Differential Methods with Cache Trace Patterns
TLDR
The paper shows that although obtaining cache access patterns from the power consumption of the device may be difficult due to the non-blocking cache architectures of modern processors, still the cache trace has a distinct signature on the power profiles.
Improving cache attacks by considering cipher structure
TLDR
This paper provided the cache attack in which the average method is embodied, and provides improved key estimation, and includes the study on the attack that exploits internal collision.
Cache Timing Analysis of RC4
TLDR
A new state recovery analysis on RC4 using a belief propagation algorithm that works well and its soundness is proved for known or unknown plaintext and only requires that the attacker queries the RC4 encryption process byte by byte for a practical attack.

References

SHOWING 1-10 OF 33 REFERENCES
Instruction stream mutation for non-deterministic processors
  • J. Irwin, D. Page, N. Smart
  • Computer Science
  • Proceedings IEEE International Conference on Application-Specific Systems, Architectures, and Processors
  • 2002
TLDR
This work describes the addition of a specialised processor pipeline stage which increases the level of potential non-determinism and hence guards against the revelation of secret information in differential power analysis.
Side Channel Cryptanalysis of Product Ciphers
TLDR
The notion of side-channel cryptanalysis, that is, cryptanalysis using implementation data, is introduced; side-channel attacks against three product ciphers are demonstrated and generalized to other cryptosystems.
Power Analysis, What Is Now Possible
TLDR
This paper first describes and analyzes some different possible models of power analysis for smart-cards, then applies these models to real components and clearly defines what can be detected by power analysis. Expand
Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems
By carefully measuring the amount of time required to perform private key operations, attackers may be able to find fixed Diffie-Hellman exponents, factor RSA keys, and break other cryptosystems.
Physical side-channel attacks on cryptographic systems
  • N. Smart
  • Computer Science
  • Softw. Focus
  • 2000
TLDR
A number of attacks on cryptographic systems are described which depend on measuring physical characteristics of such systems whilst a given cryptographic operation is carried out, for example power consumption, computing time or EMF radiations.
Differential Fault Analysis of Secret Key Cryptosystems
TLDR
This work states that this attack is applicable only to public key cryptosystems such as RSA, and not to secret key algorithms such as the Data Encryption Standard (DES).
Non-deterministic Processors
TLDR
By randomising the instruction stream being executed by the processor, this work can hide the secret key stored in a smartcard by adding an extension to existing processors, and is transparent to the algorithm.
Differential Power Analysis
Most modern cryptographic devices are implemented using semiconductor logic gates, which are constructed out of transistors. They leak information about the operations they process. To attack the…
Fast Software Encryption Functions
TLDR
A well accepted encryption function for implementation in software is presented here - on a SUN 4/260 it can encrypt at 4 to 8 megabits per second, which will effectively reduce the cost and increase the availability of cryptographic protection.
The Design of Rijndael
TLDR
This volume is the authoritative guide to the Rijndael algorithm and AES, and professionals, researchers, and students active or interested in data encryption will find it a valuable source of information and reference.