Cryptology ePrint Archive: Report 2002/169

Theoretical Use of Cache Memory as a Cryptanalytic Side-Channel

D. Page

Abstract: We expand on the idea, proposed by Kelsey et al, of cache memory being used as a side-channel which leaks information during the run of a cryptographic algorithm. By using this side-channel, an attacker may be able to reveal or narrow the possible values of secret information held on the target device. We describe an attack which encrypts $2^{10}$ chosen plaintexts on the target processor in order to collect cache profiles and then performs around $2^{32}$ computational steps to recover the key. As well as describing and simulating the theoretical attack, we discuss how hardware and algorithmic alterations can be used to defend against such techniques.

Category / Keywords: DES, cache memory, side channel analysis, smart cards, cryptanalysis

Publication Info: University of Bristol Technical Report CSTR-02-003, Sumbitted to TISSEC