Skip to main content
SpringerLink
Log in

Cache Based Remote Timing Attack on the AES

  • Conference paper
Topics in Cryptology – CT-RSA 2007 (CT-RSA 2007)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 4377))

Included in the following conference series:

Abstract

We introduce a new robust cache-based timing attack on AES. We present experiments and concrete evidence that our attack can be used to obtain secret keys of remote cryptosystems if the server under attack runs on a multitasking or simultaneous multithreading system with a large enough workload. This is an important difference to recent cache-based timing attacks as these attacks either did not provide any supporting experimental results indicating if they can be applied remotely, or they are not realistically remote attacks.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Acıiçmez, O., Schindler, W., Koç, Ç.K.: Improving Brumley and Boneh Timing Attack on Unprotected SSL Implementations. In: Meadows, C., Syverson, P. (eds.) ACM CCS 2005, Virginia, pp. 139–146 (2005)

    Google Scholar 

  2. Acıiçmez, O., Koç, Ç.K.: Trace-Driven Cache Attacks on AES. Cryptology ePrint Archive, Report 2006/138 (2006), Available at: http://eprint.iacr.org/2006/138

  3. Acıiçmez, O., Koç, Ç.K., Seifert, J.-P.: Predicting Secret Keys via Branch Prediction. In: Abe, M. (ed.) CT-RSA 2007. LNCS, vol. 4377. Springer, Heidelberg (2006)

    Google Scholar 

  4. Agrawal, D., Archambeault, B., Rao, J.R., Rohatgi, P.: The EM Side-Channel(s). In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 29–45. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  5. Bernstein, D.J.: Cache-timing attacks on AES (April 2005), Available at: http://cr.yp.to/antiforgery/cachetiming-20050414.pdf

  6. Bertoni, G., Zaccaria, V., Breveglieri, L., Monchiero, M., Palermo, G.: AES Power Attack Based on Induced Cache Miss and Countermeasure. In: ITCC 2005, pp. 586–591. IEEE Computer Society, Los Alamitos (2005)

    Google Scholar 

  7. Bleichenbacher, D.: Chosen Ciphertext Attacks Against Protocols Based on the RSA Encryption Standard PKCS #1. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 1–12. Springer, Heidelberg (1998)

    Google Scholar 

  8. Bonneau, J., Mironov, I.: Cache-Collision Timing Attacks against AES. In: Goubin, L., Matsui, M. (eds.) CHES 2006. LNCS, vol. 4249. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  9. Brickell, E., Graunke, G., Neve, M., Seifert, J.-P.: Software mitigations to hedge AES against cache-based software side channel vulnerabilities. Cryptology ePrint Archive, Report 2006/052 (2006), Available at: http://eprint.iacr.org/2006/052

  10. Brumley, D., Boneh, D.: Remote Timing Attacks are Practical. In: Proceedings of the 12th Usenix Security Symposium, pp. 1–14 (2003)

    Google Scholar 

  11. Daemen, J., Rijmen, V.: The Design of Rijndael. Springer, Berlin (2001)

    Google Scholar 

  12. Feller, W.: An Introduction to Probability Theory, 3rd edn. Wiley, New York (1970) (revised printing)

    Google Scholar 

  13. Gandolfi, K., Mourtel, C., Olivier, F.: Electromagnetic Analysis: Concrete Results. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, pp. 251–261. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  14. Kelsey, J., Schneier, B., Wagner, D., Hall, C.: Side Channel Cryptanalysis of Product Ciphers. Journal of Computer Security 8, 141–158 (2000)

    Google Scholar 

  15. Kocher, P.C.: Timing Attacks on Implementations of Diffie–Hellman, RSA, DSS, and Other Systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996)

    Google Scholar 

  16. Kocher, P.C., Jaffe, J., Jun, B.: Differential Power Analysis. In: Wiener, M.J. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)

    Google Scholar 

  17. Lauradoux, C.: Collision attacks on processors with cache and countermeasures. In: Wolf, C., Lucks, S., Yau, P.-W. (eds.) WEWoRC 2005, Kl̈len, Bonn. LNI, vol. P-74, pp. 76–85 (2005)

    Google Scholar 

  18. Neve, M., Seifert, J.-P., Wang, Z.: A refined look at Bernstein’s AES side-channel analysis. In: ASIA CCS 2006, pp. 369–369. ACM Press, New York (2006)

    Google Scholar 

  19. Seifert, J.-P., Neve, M.: Advances on Access-Driven Cache Attacks on AES. In: Biham, E., Youssef, A.M. (eds.) SAC 2006. LNCS, vol. 4356, pp. 147–162. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  20. Osvik, D.A., Shamir, A., Tromer, E.: Cache Attacks and Countermeasures: The Case of AES. In: Pointcheval, D. (ed.) CT-RSA 2006. LNCS, vol. 3860, pp. 1–20. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  21. Page, D.: Theoretical Use of Cache Memory as a Cryptanalytic Side-Channel. Technical Report CSTR-02-003, Department of Computer Science, University of Bristol (June 2002)

    Google Scholar 

  22. Page, D.: Defending Against Cache Based Side-Channel Attacks. Technical Report. Department of Computer Science, University of Bristol (2003)

    Google Scholar 

  23. Page, D.: Partitioned Cache Architecture as a Side Channel Defence Mechanism. Cryptography ePrint Archive, Report 2005/280 (2005), Available at: http://eprint.iacr.org/2005/280

  24. Percival, C.: Cache missing for fun and profit. In: BSDCan 2005, Ottawa (2005), Available at: http://www.daemonology.net/hyperthreading-considered-harmful/

  25. Schindler, W.: On the Optimization of Side-Channel Attacks by Advanced Stochastic Methods. In: Vaudenay, S. (ed.) PKC 2005. LNCS, vol. 3386, pp. 85–103. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  26. Tsunoo, Y., Tsujihara, E., Minematsu, K., Miyauchi, H.: Cryptanalysis of Block Ciphers Implemented on Computers with Cache. In: ISITA 2002, IEEE Information Theory Society, pp. 803–806 (2002)

    Google Scholar 

  27. Tsunoo, Y., Saito, T., Suzaki, T., Shigeri, M., Miyauchi, H.: Cryptanalysis of DES Implemented on Computers with Cache. In: Walter, C.D., Koç, Ç.K., Paar, C. (eds.) CHES 2003. LNCS, vol. 2779, pp. 62–76. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  28. Tsunoo, Y., Tsujihara, E., Shigeri, M., Kubo, H., Minematsu, K.: Improving cache attacks by considering cipher structure. International Journal of Information Security (February 2006)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. School of EECS, Corvallis, Oregon State University, OR, 97331, USA

    Onur Acıiçmez & Çetin K. Koç

  2. Bundesamt für Sicherheit in der Informationstechnik (BSI), Godesberger Allee 185–189, 53175, Bonn, Germany

    Werner Schindler

  3. Information Security Research Center, Istanbul Commerce University, Eminönü, Istanbul, 34112, Turkey

    Çetin K. Koç

Authors
  1. Onur Acıiçmez
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Werner Schindler
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Çetin K. Koç
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Information Sharing Platform Laboratories, NTT Corporation, Japan

    Masayuki Abe

Rights and permissions

Reprints and permissions

Copyright information

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Acıiçmez, O., Schindler, W., Koç, Ç.K. (2006). Cache Based Remote Timing Attack on the AES. In: Abe, M. (eds) Topics in Cryptology – CT-RSA 2007. CT-RSA 2007. Lecture Notes in Computer Science, vol 4377. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11967668_18

Download citation

  • DOI: https://doi.org/10.1007/11967668_18

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-69327-7

  • Online ISBN: 978-3-540-69328-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation