Cache Misses and the Recovery of the Full AES 256 Key

Briongos, Samira; Malagón, Pedro; Goyeneche, Juan-Mariano de; Moya, José Manuel Huidobro

doi:10.3390/app9050944

Cited by 15 publications

(6 citation statements)

References 40 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Time-driven attacks against the shared and inclusive Last Level Cache (LLC) are mainly based on Flush&Reload [14] and their variants. So, both [1] and [4] extract the key from the AES T-table based encryption algorithm using improvements over the original attack.…”

Section: Related Workmentioning

confidence: 99%

“…In Section 2, we exposed previous algorithms for extraction of the AES key. We use the approach of [4] to break the OpenSSL 1.1.1.b AES 128 bits implementation (this library has had to be compiled with no-asm flag, so that it uses the T-Tables implementation). The attack begins by forcing the de-duplication of library pages (see Section 3.2).…”

Section: Implementation Of the Attackmentioning

confidence: 99%

See 1 more Smart Citation

Detecting Time-Fragmented Cache Attacks Against AES Using Performance Monitoring Counters

Prada

Igual

Olcoz

2019

Communications in Computer and Information Science

View full text Add to dashboard Cite

Cache timing attacks use shared caches in multi-core processors as side channels to extract information from victim processes. These attacks are particularly dangerous in cloud infrastructures, in which the deployed countermeasures cause collateral effects in terms of performance loss and increase in energy consumption. We propose to monitor the victim process using an independent monitoring (detector) process, that continuously measures selected Performance Monitoring Counters (PMC) to detect the presence of an attack. Ad-hoc countermeasures can be applied only when such a risky situation arises. In our case, the victim process is the AES encryption algorithm and the attack is performed by means of random encryption requests. We demonstrate that PMCs are a feasible tool to detect the attack and that sampling PMCs at high frequencies is worse than sampling at lower frequencies in terms of detection capabilities, particularly when the attack is fragmented in time to try to be hidden from detection.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Implementation Of the Attackmentioning

confidence: 99%

Detecting Time-Fragmented Cache Attacks Against AES Using Performance Monitoring Counters

Prada

Igual

Olcoz

2019

Communications in Computer and Information Science

View full text Add to dashboard Cite

show abstract

“…Time-driven attacks against the shared and inclusive Last Level Cache (LLC) are mainly based on Flush&Reload [15] and their variants. So, Briongos [4] extracts the key from the AES T-table based encryption algorithm using improvements over the original attack.…”

Section: Related Workmentioning

confidence: 99%

Cloud Computing and Big Data

Catlett¹

2019

Communications in Computer and Information Science

View full text Add to dashboard Cite

Cache timing attacks use shared caches in multi-core processors as side channels to extract information from victim processes. These attacks are particularly dangerous in cloud infrastructures, in which the deployed countermeasures cause collateral effects in terms of performance loss and increase in energy consumption. We propose to monitor the victim process using an independent monitoring (detector) process, that continuously measures selected Performance Monitoring Counters (PMC) to detect the presence of an attack. Ad-hoc countermeasures can be applied only when such a risky situation arises. In our case, the victim process is the Advanced Encryption Standard (AES) encryption algorithm and the attack is performed by means of random encryption requests. We demonstrate that PMCs are a feasible tool to detect the attack and that sampling PMCs at high frequencies is worse than sampling at lower frequencies in terms of detection capabilities, particularly when the attack is fragmented in time to try to be hidden from detection.

show abstract

“…One paper proposes a new constant-time method for RSA modular exponentiation, which is resistant against fine-grained cache attacks [66]. The other one shows a non-access attack, a novel approach for exploiting the information gained from cache misses [67].System-level counter-measures and their weaknesses: Two research papers in this special issue introduce a new system-level counter-measure and a new vulnerability of the existing physically un-clonable function (PUF), respectively. One paper deals with the re-keying scheme, a system-level counter-measure against SCAs, which makes attackers unable to collect enough power consumption traces for their analyses [68].…”

mentioning

confidence: 99%

mentioning

confidence: 99%