Paper 2021/464

iTimed: Cache Attacks on the Apple A10 Fusion SoC

Gregor Haas, Seetal Potluri, and Aydin Aysu


This paper proposes the first cache timing side-channel attack on one of Apple’s mobile devices. Utilizing a recent, permanent exploit named checkm8, we reverse-engineered Apple’s BootROM and created a powerful toolkit for running arbitrary hardware security experiments on Apple’s in-house designed ARM systems-on-a-chip (SoC). Using this toolkit, we then implement an access-driven cache timing attack (in the style of PRIME+PROBE) as a proof-of-concept illustrator. The advanced hardware control enabled by our toolkit allowed us to reverse-engineer key microarchitectural details of the Apple A10 Fusion’s memory hierarchy. We find that the SoC employs a randomized cache-line replacement policy as well as a hardware-based L1 prefetcher. We propose statistical innovations which specifically account for these hardware structures and thus further the state-of-the-art in cache timing attacks. We find that our access-driven attack, at best, can reduce the security of OpenSSL AES-128 by 50 more bits than a straightforward adaptation of PRIME+PROBE, while requiring only half as many side channel measurement traces.

Available format(s)
Publication info
Published elsewhere. IEEE HOST
SCAcache attacksiPhone
Contact author(s)
ghaas @ ncsu edu
2021-08-14: revised
2021-04-12: received
See all versions
Short URL
Creative Commons Attribution


      author = {Gregor Haas and Seetal Potluri and Aydin Aysu},
      title = {iTimed: Cache Attacks on the Apple A10 Fusion SoC},
      howpublished = {Cryptology ePrint Archive, Paper 2021/464},
      year = {2021},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.