TY - GEN
T1 - Towards efficient evaluation of a time-driven cache attack on modern processors
AU - Zankl, Andreas
AU - Miller, Katja
AU - Heyszl, Johann
AU - Sigl, Georg
N1 - Publisher Copyright:
© Springer International Publishing Switzerland 2016.
PY - 2016
Y1 - 2016
N2 - Software implementations of block ciphers are widely used to perform critical operations such as disk encryption or TLS traffic protection. To speed up cipher execution, many implementations rely on pre-computed lookup tables, which makes them vulnerable to cachetiming attacks on modern processors. For time-driven attacks, the overall execution time of a cipher is sufficient to recover the secret key. Testing cryptographic software on actual hardware is consequently essential for vulnerability and risk assessment. In this work, we investigate the efficient and robust evaluation of cryptographic software on modern processors under a time-driven attack. Using a practical case study, we discuss necessary adaptations to the original attack and identify promising new micro-architectural side-channels for it. To leverage the leakage of multiple side-channels, we propose a simple, heuristic way to combine their corresponding attacks. As an additional benefit, combined attacks simplify a comprehensive evaluation of cryptographic software across multiple different processors. We finally formulate practical evaluation suggestions based on the results of our case study.
AB - Software implementations of block ciphers are widely used to perform critical operations such as disk encryption or TLS traffic protection. To speed up cipher execution, many implementations rely on pre-computed lookup tables, which makes them vulnerable to cachetiming attacks on modern processors. For time-driven attacks, the overall execution time of a cipher is sufficient to recover the secret key. Testing cryptographic software on actual hardware is consequently essential for vulnerability and risk assessment. In this work, we investigate the efficient and robust evaluation of cryptographic software on modern processors under a time-driven attack. Using a practical case study, we discuss necessary adaptations to the original attack and identify promising new micro-architectural side-channels for it. To leverage the leakage of multiple side-channels, we propose a simple, heuristic way to combine their corresponding attacks. As an additional benefit, combined attacks simplify a comprehensive evaluation of cryptographic software across multiple different processors. We finally formulate practical evaluation suggestions based on the results of our case study.
KW - AES
KW - ARM
KW - Efficient evaluation
KW - Exploiting performance events
KW - New side-channels
KW - Rank estimation
KW - Vulnerability testing
UR - http://www.scopus.com/inward/record.url?scp=84990837053&partnerID=8YFLogxK
U2 - 10.1007/978-3-319-45741-3_1
DO - 10.1007/978-3-319-45741-3_1
M3 - Conference contribution
AN - SCOPUS:84990837053
SN - 9783319457406
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 3
EP - 19
BT - Computer Security - 21st European Symposium on Research in Computer Security, ESORICS 2016, Proceedings
A2 - Katsikas, Sokratis
A2 - Meadows, Catherine
A2 - Askoxylakis, Ioannis
A2 - Ioannidis, Sotiris
PB - Springer Verlag
T2 - 21st European Symposium on Research in Computer Security, ESORICS 2016
Y2 - 26 September 2016 through 30 September 2016
ER -