IPA: an Instruction Profiling–Based Micro-architectural Side-Channel Attack on Block Ciphers

  • Manaar Alam
  • Sarani Bhattacharya
  • Sayan Sinha
  • Chester Rebeiro
  • Debdeep Mukhopadhyay
Abstract

Hardware performance counters (HPCs) are present in most modern processors and provide an interface through which user-level processes can monitor their performance in terms of the number of micro-architectural events that occur during execution. In this paper, we analyze the leakage from these HPC events and present a new micro-architectural side-channel attack that uses the number of instructions counted during the execution of an encryption algorithm as side-channel information to recover the secret key. This paper establishes that instruction counts can act as a side channel and then describes the instruction profiling attack (IPA) methodology using two block ciphers, AES and CLEFIA, on Intel and AMD processors. We follow the principles of profiled instruction attacks and show that the proposed attack is more potent than the well-known cache timing attacks in the literature. We also perform experiments on cipher implementations protected with popular time-fuzzing schemes intended to subvert timing attacks. Our results show that while this countermeasure successfully stops leakage through the timing channel, it remains vulnerable to the instruction profiling attack. We validate our claims with detailed experiments on contemporary Intel and AMD platforms, demonstrating that seemingly benign instruction counts can serve as side channels even for block cipher implementations hardened against timing attacks. In addition, we present detailed experiments analyzing the rationale behind the attack and explore the performance of IPA against a countermeasure designed to subvert cache-based attacks, using CLEFIA as a case study.

Keywords

Micro-architectural side-channel attack; Hardware performance counters; Cache timing attack; Block cipher

Copyright information

© Springer Nature Switzerland AG 2018

Authors and Affiliations

  1. Indian Institute of Technology Kharagpur, Kharagpur, India
  2. Indian Institute of Technology Madras, Chennai, India