Towards efficient evaluation of a time-driven cache attack on modern processors

Andreas Zankl, Katja Miller, Johann Heyszl, Georg Sigl

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

4 Scopus citations

Abstract

Software implementations of block ciphers are widely used to perform critical operations such as disk encryption or TLS traffic protection. To speed up cipher execution, many implementations rely on pre-computed lookup tables, which makes them vulnerable to cachetiming attacks on modern processors. For time-driven attacks, the overall execution time of a cipher is sufficient to recover the secret key. Testing cryptographic software on actual hardware is consequently essential for vulnerability and risk assessment. In this work, we investigate the efficient and robust evaluation of cryptographic software on modern processors under a time-driven attack. Using a practical case study, we discuss necessary adaptations to the original attack and identify promising new micro-architectural side-channels for it. To leverage the leakage of multiple side-channels, we propose a simple, heuristic way to combine their corresponding attacks. As an additional benefit, combined attacks simplify a comprehensive evaluation of cryptographic software across multiple different processors. We finally formulate practical evaluation suggestions based on the results of our case study.

Original languageEnglish
Title of host publicationComputer Security - 21st European Symposium on Research in Computer Security, ESORICS 2016, Proceedings
EditorsSokratis Katsikas, Catherine Meadows, Ioannis Askoxylakis, Sotiris Ioannidis
PublisherSpringer Verlag
Pages3-19
Number of pages17
ISBN (Print)9783319457406
DOIs
StatePublished - 2016
Event21st European Symposium on Research in Computer Security, ESORICS 2016 - Heraklion, Greece
Duration: 26 Sep 201630 Sep 2016

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume9879 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference21st European Symposium on Research in Computer Security, ESORICS 2016
Country/TerritoryGreece
CityHeraklion
Period26/09/1630/09/16

Keywords

  • AES
  • ARM
  • Efficient evaluation
  • Exploiting performance events
  • New side-channels
  • Rank estimation
  • Vulnerability testing

Fingerprint

Dive into the research topics of 'Towards efficient evaluation of a time-driven cache attack on modern processors'. Together they form a unique fingerprint.

Cite this