Paper 2020/907
Enhanced Flush+Reload Attack on AES
Milad Seddigh and Hadi Soleimany
Abstract
In cloud computing, multiple users can share the same physical machine, which can potentially leak secret information, in particular when memory de-duplication is enabled. Flush+Reload is a cache-based attack that makes use of resource sharing. The T-table implementation of AES is commonly used in crypto libraries such as OpenSSL. Several Flush+Reload attacks on the T-table implementation of AES have been proposed in the literature, and they require a notable number of encryptions. In this paper, we present a technique to enhance the Flush+Reload attack on AES in the ciphertext-only scenario by significantly reducing the number of needed encryptions in both native and cross-VM setups. We focus on identifying the wrong key candidates and keeping the right key by considering only the cache miss event. Our attack is faster than previous Flush+Reload attacks. In particular, our method can speed up the Flush+Reload attack in a cross-VM environment significantly. To verify the theoretical model, we implemented the proposed attack.
Metadata
- Available format(s)
- Category: Implementation
- Publication info: Published elsewhere. ISC International Journal of Information Security
- Keywords: Flush+Reload, AES, T-table implementation
- Contact author(s): milladseddigh7 @ gmail com, hadi soleimany @ gmail com
- History: 2020-07-18: received
- Short URL: https://ia.cr/2020/907
- License: CC BY
BibTeX
@misc{cryptoeprint:2020/907,
  author = {Milad Seddigh and Hadi Soleimany},
  title = {Enhanced Flush+Reload Attack on {AES}},
  howpublished = {Cryptology {ePrint} Archive, Paper 2020/907},
  year = {2020},
  url = {https://eprint.iacr.org/2020/907}
}