Projects per year
Abstract
Cache attacks are a special form of implementation attacks and focus on the exploitation of weaknesses in the implementation of a specific algorithm. We demonstrate an access-driven cache attack, which is based on the analysis of memory-access patterns due to the T-table accesses of the Advanced Encryption Standard (AES). Based on the work of Tromer et al. we gather the cache-memory access patterns of AES T-table implementations and perform a pattern-matching attack in order to recover the used secret key. These T-tables usually do not start at memory addresses which are mapped to the beginning of a specific cache line. Thus, focusing on disaligned AES T-tables allows us to recover the whole secret key by considering only the first round of the AES. We apply the presented cache attack on a Google Nexus S smartphone, which employs a Cortex-A8 processor and runs a fully-functioning operating system. The attack is purely implemented in software and the only requirement is a rooted mobile device. To the best of our knowledge, we are the first to launch an access-driven attack on an ARM Cortex-A processor. Based on our observations of the gathered access patterns we also present an enhancement, which in some cases allows us to recover the secret key without a subsequent brute-force key search.
Original language | English |
---|---|
Title of host publication | Constructive Side-Channel Analysis and Secure Design - COSADE 2013, 4th International Workshop, Paris, France, March 7-8, 2013, Proceedings. |
Publisher | Springer |
Pages | 200-214 |
Publication status | Published - 2013 |
Event | International Workshop on Constructive Side-Channel Analysis and Secure Design - Paris, France Duration: 7 Mar 2013 → 8 Mar 2013 |
Publication series
Name | Lecture Notes in Computer Science |
---|---|
Publisher | Springer |
Conference
Conference | International Workshop on Constructive Side-Channel Analysis and Secure Design |
---|---|
Country/Territory | France |
City | Paris |
Period | 7/03/13 → 8/03/13 |
Fields of Expertise
- Information, Communication & Computing
Treatment code (Nähere Zuordnung)
- Application
Fingerprint
Dive into the research topics of 'Cache-Access Pattern Attack on Disaligned AES T-Tables'. Together they form a unique fingerprint.Projects
- 1 Finished
-
FWF - ReSIT - Realizing a Secure Internet of Things
Hutter, M., Wenger, E., Schmidt, J., Mendel, F., Mangard, S. & Posch, R.
1/07/12 → 31/05/16
Project: Research project