Paper 2016/002

Remote Cache-Timing Attack without Learning Phase

Ali Can Atici, Cemal Yilmaz, and Erkay Savas

Abstract

Theoretically secure cryptographic algorithms can be vulnerable to attacks due to their implementation flaws, which disclose side-channel information about the secret key. Bernstein's attack is a well known cache-timing attack which uses execution time as the side-channel. The major drawback of this attack is that it needs an identical target machine to perform its learning phase where the attacker models the cache timing-behavior of the target machine. This assumption makes the attack unrealistic in many circumstances. In this work, we present an effective method to eliminate the learning phase. We propose a methodology to model the cache timing-behavior of the target machine by hypothetical modeling. To test the validity of the proposed method, we performed the Bernstein attack and showed that, in majority of the cases, the new attack is actually superior to the original attack which uses a learning phase.

Metadata
Available format(s)
PDF
Publication info
Preprint. MINOR revision.
Keywords
cache-timing attackside-channelAES
Contact author(s)
alicana @ sabanciuniv edu
History
2016-01-04: received
Short URL
https://ia.cr/2016/002
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2016/002,
      author = {Ali Can Atici and Cemal Yilmaz and Erkay Savas},
      title = {Remote Cache-Timing Attack without Learning Phase},
      howpublished = {Cryptology {ePrint} Archive, Paper 2016/002},
      year = {2016},
      url = {https://eprint.iacr.org/2016/002}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.