Cache Games -- Bringing Access-Based Cache Attacks on AES to Practice
- 1 May 2011
- conference paper
- Published by Institute of Electrical and Electronics Engineers (IEEE)
- Vol. 2010, 490-505
- https://doi.org/10.1109/sp.2011.22
Abstract
Side channel attacks on cryptographic systems exploit information gained from physical implementations rather than theoretical weaknesses of a scheme. In recent years, major achievements were made for the class of so-called access-driven cache attacks. Such attacks exploit the leakage of the memory locations accessed by a victim process. In this paper we consider the AES block cipher and present an attack which is capable of recovering the full secret key in almost real time for AES-128, requiring only a very limited number of observed encryptions. Unlike previous attacks, we do not require any information about the plaintext (such as its distribution, etc.). Moreover, for the first time, we also show how the plaintext can be recovered without having access to the ciphertext at all. It is the first working attack on AES implementations using compressed tables. There, no efficient techniques to identify the beginning of AES rounds are known, which is the fundamental assumption underlying previous attacks. We have a fully working implementation of our attack which is able to recover AES keys after observing as little as 100 encryptions. It works against the OpenSSL 0.9.8n implementation of AES on Linux systems. Our spy process does not require any special privileges beyond those of a standard Linux user. A contribution of probably independent interest is a denial of service attack on the task scheduler of current Linux systems (CFS), which allows one to observe (on average) every single memory access of a victim process.