Cryptology ePrint Archive: Report 2016/002

Remote Cache-Timing Attack without Learning Phase

Ali Can Atici and Cemal Yilmaz and Erkay Savas

Abstract: Theoretically secure cryptographic algorithms can be vulnerable to attacks due to their implementation flaws, which disclose side-channel information about the secret key. Bernstein's attack is a well known cache-timing attack which uses execution time as the side-channel. The major drawback of this attack is that it needs an identical target machine to perform its learning phase where the attacker models the cache timing-behavior of the target machine. This assumption makes the attack unrealistic in many circumstances. In this work, we present an effective method to eliminate the learning phase. We propose a methodology to model the cache timing-behavior of the target machine by hypothetical modeling. To test the validity of the proposed method, we performed the Bernstein attack and showed that, in majority of the cases, the new attack is actually superior to the original attack which uses a learning phase.

Category / Keywords: cache-timing attack, side-channel, AES

Date: received 3 Jan 2016

Contact author: alicana at sabanciuniv edu

Available format(s): PDF | BibTeX Citation

Version: 20160104:134355 (All versions of this report)

Short URL: ia.cr/2016/002