Paper 2021/464

iTimed: Cache Attacks on the Apple A10 Fusion SoC

Gregor Haas, Seetal Potluri, and Aydin Aysu

Abstract

This paper proposes the first cache timing side-channel attack on one of Apple’s mobile devices. Utilizing a recent, permanent exploit named checkm8, we reverse-engineered Apple’s BootROM and created a powerful toolkit for running arbitrary hardware security experiments on Apple’s in-house designed ARM systems-on-a-chip (SoC). Using this toolkit, we then implement an access-driven cache timing attack (in the style of PRIME+PROBE) as a proof-of-concept illustrator. The advanced hardware control enabled by our toolkit allowed us to reverse-engineer key microarchitectural details of the Apple A10 Fusion’s memory hierarchy. We find that the SoC employs a randomized cache-line replacement policy as well as a hardware-based L1 prefetcher. We propose statistical innovations which specifically account for these hardware structures and thus further the state-of-the-art in cache timing attacks. We find that our access-driven attack, at best, can reduce the security of OpenSSL AES-128 by 50 more bits than a straightforward adaptation of PRIME+PROBE, while requiring only half as many side channel measurement traces.

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Published elsewhere. IEEE HOST
Keywords
SCAcache attacksiPhone
Contact author(s)
ghaas @ ncsu edu
History
2021-08-14: revised
2021-04-12: received
See all versions
Short URL
https://ia.cr/2021/464
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2021/464,
      author = {Gregor Haas and Seetal Potluri and Aydin Aysu},
      title = {iTimed: Cache Attacks on the Apple A10 Fusion SoC},
      howpublished = {Cryptology ePrint Archive, Paper 2021/464},
      year = {2021},
      note = {\url{https://eprint.iacr.org/2021/464}},
      url = {https://eprint.iacr.org/2021/464}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.