Differential Cache-Collision Timing Attacks on AES with Applications to Embedded CPUs
- 1.3k Downloads
This paper proposes a new type of cache-collision timing attacks on software implementations of AES. Our major technique is of differential nature and is based on the internal cryptographic properties of AES, namely, on the MDS property of the linear code providing the diffusion matrix used in the MixColumns transform. It is a chosen-plaintext attack where pairs of AES executions are treated differentially. The method can be easily converted into a chosen-ciphertext attack. We also thoroughly study the physical behavior of cache memory enabling this attack.
On the practical side, we demonstrate that our theoretical findings lead to efficient real-world attacks on embedded systems implementing AES at the example of ARM9. As this is one of the most wide-spread embedded platforms today , our experimental results might make a revision of the practical security of many embedded applications with security functionality necessary. To our best knowledge, this is the first paper to study cache timing attacks on embedded systems.
KeywordsSmart Card Block Cipher Advance Encryption Standard Cache Line Cache Memory
Unable to display preview. Download preview PDF.
- 2.Advanced Encryption Standard. FIPS. Publication 197. National Bureau of Standards, U.S. Department of Commerce (2001)Google Scholar
- 3.ARM Limited. ARM920T Technical Reference Manual, 1 edn.Google Scholar
- 4.Bernstein, D.J.: Cache-timing attacks on AES. Technical report, Department of Mathematics, Statistics and Computer Science, The University of Illinois at Chicago, 2005, cr.yp.to/antiforgery/cachetiming-20050414.pdf
- 5.Bonneau, J., Mironov, I.: Cache-collision timing attacks against AES. Technical report, Computer Science Department, Stanford University and Microsoft Research, Mountain View, CA (2006)Google Scholar
- 7.ARM INC. ARM Powered Products, http://www.arm.com/markets/mobile_solutions/app.html
- 8.Kelsey, J., Schneier, B., Wagner, D., Hall, C.: Side channel cryptanalysis of product ciphers. Journal of Computer Security, 97–110 (1998)Google Scholar
- 9.Kocher, P.C.: Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS and Other Systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996)Google Scholar
- 10.Kocher, P.C., Jaffe, J., Jun, B.: Differential Power Analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, p. 388. Springer, Heidelberg (1999)Google Scholar
- 11.Mangard, S., Oswald, E., Popp, T.: Power Analysis Attacks and Countermeasures for Cryptographic Smart Cards: Revealing the Secrets of Smart Cards. Springer, Heidelberg (2007)Google Scholar
- 12.Neve, M., Seifert, J., Wang, Z.: Cache time-behavior analysis on AES (2006), http://www.cryptologie.be/document/Publications/AsiaCSSfull06.pdf
- 14.Page, D.: Theoretical use of cache memory as a cryptanalytic side-channel. Technical report (2002)Google Scholar
- 15.Samsung Electronics. S3C2440A 32-Bit CMOS Microcontroller User’s Manual, 1 edn.Google Scholar
- 16.ST33F1M. Smartcard MCU with 32-bit ARM, http://www.st.com/stonline/books/pdf/docs/15066.pdf
- 17.Tsunoo, Y., Saito, T., Suzaki, T., Shigeri, M., Miyauchi, H.: Cryptanalysis of DES implemented on computers with cache. In: Walter, C.D., Koç, Ç.K., Paar, C. (eds.) CHES 2003. LNCS, vol. 2779, pp. 62–76. Springer, Heidelberg (2003)Google Scholar
- 20.OpenSSL 0.9.8.K. Openssl: The open source toolkit for ssl/tls, http://www.openssl.org/ (accessed June 18, 2009)