Paper 2006/374

Robust Final-Round Cache-Trace Attacks Against AES

Joseph Bonneau

Abstract

This paper describes an algorithm to attack AES using side-channel information from the final-round cache lookups performed by the encryption, specifically whether each access hits or misses in the cache, building on previous work by Aciicmez and Koc. It is assumed that an attacker could obtain such a trace through power consumption analysis or electromagnetic analysis. This information has already been shown to lead to an effective attack. This paper interprets the available cache trace data as binary constraints on pairs of key bytes and then reduces key search to a constraint-satisfaction problem. In this way, an attacker is guaranteed to perform as little search as is possible given a set of cache traces, leading to a natural tradeoff between online collection and offline processing. This paper also differs from previous work in assuming a partially pre-loaded cache, showing that cache trace attacks are still effective in this scenario, with the number of samples required being inversely related to the percentage of the cache which is pre-loaded.

Metadata

Available format(s): PDF, PS
Category: Implementation
Publication info: Published elsewhere. Unknown where it was published
Keywords: AES, cryptanalysis, side-channel attack, power analysis, cache
Contact author(s): jbonneau @ stanford edu
History: 2006-11-03: received
Short URL: https://ia.cr/2006/374
License: Creative Commons Attribution (CC BY)

BibTeX

@misc{cryptoeprint:2006/374,
      author = {Joseph Bonneau},
      title = {Robust Final-Round Cache-Trace Attacks Against {AES}},
      howpublished = {Cryptology {ePrint} Archive, Paper 2006/374},
      year = {2006},
      url = {https://eprint.iacr.org/2006/374}
}