Book ChapterDOI
Trace-driven cache attacks on AES (short paper)
Onur Aciicmez,Çetin Kaya Koç +1 more
- pp 112-121
Reads0
Chats0
TLDR
This paper presents an efficient trace-driven cache attack on a widely used implementation of the AES cryptosystem, and develops an accurate mathematical model that is used in the cost analysis of the attack.Abstract:
Cache based side-channel attacks have recently been attracted significant attention due to the new developments in the field. In this paper, we present an efficient trace-driven cache attack on a widely used implementation of the AES cryptosystem. We also evaluate the cost of the proposed attack in detail under the assumption of a noiseless environment. We develop an accurate mathematical model that we use in the cost analysis of our attack. We use two different metrics, specifically, the expected number of necessary traces and the cost of the analysis phase, for the cost evaluation purposes. Each of these metrics represents the cost of a different phase of the attack.read more
Citations
More filters
Proceedings ArticleDOI
Out-of-Order Execution as a Cross-VM Side-Channel and Other Applications
TL;DR: A novel side-channel which functions across virtual machines, and seven possible malicious applications of this channel are considered: theft of encryption keys, program identification, environmental keying, malicious triggers, determining virtual machine co-location, malicious data injection, and covert channels.
Journal ArticleDOI
Research on Cache Timing Attack Against RSA with Sliding Window Exponentiation Algorithm
TL;DR: The attacker can monitor the cryptographic thread by executing a spy thread, recording the timing characteristic during the RSA decryption when reading the Cache, and recover the original key via analyzing these timing measurements.
Dissertation
Quantitative Information Flow of Side-Channel Leakages in Web Applications
TL;DR: A new approach based on verification and quantitative information flow is proposed to perform a fully automated analysis of side-channel leakages in web applications and is implemented into a tool, called SideAuto, which targets at the Apache Struts web.
Book ChapterDOI
Cache-Side-Channel Quantification and Mitigation for Quantum Cryptography
Alexandra Weber,Oleg Nikiforov,Alexander Sauer,Johannes Schickel,Gernot Alber,Heiko Mantel,Thomas Walther +6 more
TL;DR: In this article, the authors proposed a quantum key distribution (QKD) scheme, where the key material is encoded into the particles in a way that leakage can be detected and mitigated via so-called privacy amplification.
Journal ArticleDOI
Towards the optimal performance of integrating Warm and Delay against remote cache timing side channels on block ciphers
TL;DR: This work derives the optimal scheme to integrate WARM and DELAY, and applies it to AES, and it is proven that the integration scheme achieves the optimal performance with the least extra operations on commodity systems.
References
More filters
Book ChapterDOI
Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems
TL;DR: By carefully measuring the amount of time required to perform private key operalions, attackers may be able to find fixed Diffie-Hellman exponents, factor RSA keys, and break other cryptosystems.
BookDOI
The Design of Rijndael
Joan Daemen,Vincent Rijmen +1 more
TL;DR: This volume is the authoritative guide to the Rijndael algorithm and AES and professionals, researchers, and students active or interested in data encryption will find it a valuable source of information and reference.
Book ChapterDOI
Cache attacks and countermeasures: the case of AES
TL;DR: In this article, the authors describe side-channel attacks based on inter-process leakage through the state of the CPU's memory cache, which can be used for cryptanalysis of cryptographic primitives that employ data-dependent table lookups.
Proceedings Article
Remote timing attacks are practical
David Brumley,Dan Boneh +1 more
TL;DR: This work devise a timing attack against OpenSSL that can extract private keys from an OpenSSL-based web server running on a machine in the local network.
Book ChapterDOI
Cache-collision timing attacks against AES
Joseph Bonneau,Ilya Mironov +1 more
TL;DR: The most powerful attack has been shown under optimal conditions to reliably recover a full 128-bit AES key with 213 timing samples, an improvement of almost four orders of magnitude over the best previously published attacks of this type.