Nothing Special   »   [go: up one dir, main page]

Skip to main content

Cryptographic Side-Channels from Low-Power Cache Memory

  • Conference paper
Cryptography and Coding (Cryptography and Coding 2007)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 4887))

Included in the following conference series:

Abstract

To deliver real world cryptographic applications, we are increasingly reliant on security guarantees from both the underlying mathematics and physical implementation. The micro-processors that execute such applications are often designed with a focus on performance, area or power consumption. This strategy neglects physical security, a fact that has recently been exploited by a new breed of micro-architectural side-channel attacks. We introduce a new attack within this class which targets the use of low power cache memories. Although such caches offer an attractive compromise between performance and power consumption within mobile computing devices, we show that they permit attack where a more considered design strategy would not.

The work described in this paper has been supported by the EPSRC under grant EP/E001556/1 and, in part, by the European Commission through the IST Programme under contract IST-2002-507932 ECRYPT. The information in this paper reflects only the authors’ views, is provided as is and no guarantee or warranty is given that the information is fit for any particular purpose. The user thereof uses the information at its sole risk and liability.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Acıiçmez, O.: Yet Another MicroArchitectural Attack: Exploiting I-cache. In: Cryptology ePrint Archive, Report 2007/164 (2007)

    Google Scholar 

  2. Acıiçmez, O., Gueron, S., Seifert, J-P.: New Branch Prediction Vulnerabilities in OpenSSL and Necessary Software Countermeasures. In: Cryptology ePrint Archive, Report 2007/039 (2007)

    Google Scholar 

  3. Acıiçmez, O., Koç, Ç.K.: Trace-Driven Cache Attacks on AES. In: Cryptology ePrint Archive, Report 2006/138 (2006)

    Google Scholar 

  4. Acıiçmez, O., Koç, Ç.K., Seifert, J-P.: On the Power of Simple Branch Prediction Analysis. Cryptology ePrint Archive  Report 2006/351 (2006)

    Google Scholar 

  5. Acıiçmez, O., Seifert, J-P., Koç, Ç.K.: Predicting Secret Keys via Branch Prediction. In: Abe, M. (ed.) CT-RSA 2007. LNCS, vol. 4377, pp. 225–242. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  6. Acıiçmez, O., Schindler, W., Koç., Ç.K.: Cache Based Remote Timing Attacks on the AES. In: Abe, M. (ed.) CT-RSA 2007. LNCS, vol. 4377, pp. 271–286. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  7. Agosta, G., Pelosi, G.: Countermeasures for the Simple Branch Prediction Analysis. In: Cryptology ePrint Archive, Report 2006/482 (2006)

    Google Scholar 

  8. Agrawal, D., Archambeault, B., Rao, J.R., Rohatgi, P.: The EM Side-Channel(s). In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 29–45. Springer, Heidelberg (2003)

    Google Scholar 

  9. Bernstein, D.J.: Cache-timing Attacks on AES, http://cr.yp.to/antiforgery/cachetiming-20050414.pdf

  10. Bertoni, G., Zaccaria, V., Breveglieri, L., Monchiero, M., Palermo, G.: AES Power Attack Based on Induced Cache Miss and Countermeasure. In: ITCC. IEEE Conference on Information Technology: Coding and Computing (2005)

    Google Scholar 

  11. Bonneau, J.: Robust Final-Round Cache-Trace Attacks Against AES. In: Cryptology ePrint Archive, Report 2006/374 (2006)

    Google Scholar 

  12. Bonneau, J., Mironov, I.: Cache-Collision Timing Attacks Against AES. In: Goubin, L., Matsui, M. (eds.) CHES 2006. LNCS, vol. 4249, pp. 201–215. Springer, Heidelberg (2006)

    Google Scholar 

  13. Brickell, E., Graunke, G., Neve, M., Seifert, J-P.: Software Mitigations to Hedge AES Against Cache-based Software Side Channel Vulnerabilities. In: Cryptology ePrint Archive, Report 2006/052 (2006)

    Google Scholar 

  14. Flautner, K., Kim, N.S., Martin, S., Blaauw, D., Mudge, T.N.: Drowsy Caches: Simple Techniques for Reducing Leakage Power. In: ISCA. International Symposium on Computer Architecture, pp. 148–157 (2002)

    Google Scholar 

  15. Hu, W.M.: Lattice Scheduling and Covert Channels. In: IEEE Symposium on Security and Privicy, pp. 52–61. IEEE Computer Society Press, Los Alamitos (1992)

    Google Scholar 

  16. Intel Corporation. Intel i960 Jx Processor Documentation, http://www.intel.com/design/i960/documentation/

  17. Intel Corporation. Intel XScale Processor Documentation, http://www.intel.com/design/intelxscale/

  18. Kelsey, J., Schneier, B., Wagner, D., Hall, C.: Side Channel Cryptanalysis of Product Ciphers. Journal of Computer Security 8(2-3), 141–158 (2000)

    Google Scholar 

  19. Kim, N.S., Flautner, K., Blaauw, D., Mudge, T.N.: Drowsy Instruction Caches: Leakage Power Reduction using Dynamic Voltage Scaling and Cache Sub-bank Prediction. In: MICRO. International Symposium on Microarchitecture, pp. 219–230 (2002)

    Google Scholar 

  20. Kocher, P.C.: Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996)

    Google Scholar 

  21. Kocher, P.C., Jaffe, J., Jun, B.: Differential Power Analysis. In: Wiener, M.J. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)

    Google Scholar 

  22. Montgomery, P.L.: Modular Multiplication Without Trial Division. Mathematics of Computation 44, 519–521 (1985)

    Article  MATH  MathSciNet  Google Scholar 

  23. Osvik, D.A., Shamir, A., Tromer, E.: Cache attacks and Countermeasures: the Case of AES. Cryptology ePrint Archive, Report 2005/271 (2005)

    Google Scholar 

  24. Page, D.: Defending Against Cache Based Side-Channel Attacks. Information Security Technical Report, 8 (1), 30–44 (2003)

    Google Scholar 

  25. Page, D.: Theoretical Use of Cache Memory as a Cryptanalytic Side-Channel. Cryptology ePrint Archive, Report 2002/169 (2002)

    Google Scholar 

  26. Patterson, D.A., Hennessy, J.L.: Computer Architecture: A Quantitative Approach. Morgan Kaufmann, San Francisco (2006)

    MATH  Google Scholar 

  27. Percival, C.: Cache Missing For Fun And Profit, http://www.daemonology.net/papers/htt.pdf

  28. Trostle, J.T.: Timing Attacks Against Trusted Path. In: IEEE Symposium on Security and Privicy, pp. 125–134. IEEE Computer Society Press, Los Alamitos (1998)

    Google Scholar 

  29. Tsunoo, Y., Saito, T., Suzaki, T., Shigeri, M., Miyauchi, H.: Cryptanalysis of DES Implemented on Computers with Cache. In: D.Walter, C., Koç, Ç.K., Paar, C. (eds.) CHES 2003. LNCS, vol. 2779, pp. 62–76. Springer, Heidelberg (2003)

    Google Scholar 

  30. Tsunoo, Y., Tsujihara, E., Minematsu, K., Miyauchi, H.: Cryptanalysis of Block Ciphers Implemented on Computers with Cache. In: ISITA. International Symposium on Information Theory and Its Applications (2002)

    Google Scholar 

  31. Powell, M., Yang, S.-H., Falsafi, B., Roy, K., Vijaykumar, T.N.: Gated-Vdd: A circuit technique to reduce leakage in deep-submicron cache memories. In: Proc. of Int. Symp. Low Power Electronics and Design (2000)

    Google Scholar 

  32. Li, Y., Parikh, D., Zhang, Y., Sankaranarayanan, K., Stan, M., Skadron, K.: State-Preserving vs. Non-State-Preserving Leakage Control in Caches. Design, Automation and Test in Europe (DATE), 22–29 (2004)

    Google Scholar 

  33. University of Michigan Sim-Panalyzer 2.0.3, http://www.eecs.umich.edu/~panalyzer/

  34. Messerges, T.S., Dabbish, E.A., Sloan, R.H.: Power Analysis Attacks of Modular Exponentiation in Smartcards. In: Koç, Ç.K., Paar, C. (eds.) CHES 1999. LNCS, vol. 1717, pp. 144–157. Springer, Heidelberg (1999)

    Chapter  Google Scholar 

  35. Koç, Ç.K., Acar, T., Kaliski, B.S.: Analyzing and Comparing Montgomery Multiplication Algorithms. IEEE Micro 16(3), 26–33 (1996)

    Article  Google Scholar 

  36. Burger, D., Austin, T.M.: The SimpleScalar Tool Set Version 2.0. Computer Architecture News (1997)

    Google Scholar 

  37. Zhang, Y., Parikh, D., Sankaranarayanan, K., Skadron, K., Stan, M.: Hotleakage: A temperature-aware model of subthreshold and gate leakage for architects, http://lava.cs.virginia.edu/HotLeakage/

Download references

Author information

Authors and Affiliations

Authors

Editor information

Steven D. Galbraith

Rights and permissions

Reprints and permissions

Copyright information

© 2007 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Grabher, P., Großschädl, J., Page, D. (2007). Cryptographic Side-Channels from Low-Power Cache Memory. In: Galbraith, S.D. (eds) Cryptography and Coding. Cryptography and Coding 2007. Lecture Notes in Computer Science, vol 4887. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-77272-9_11

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-77272-9_11

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-77271-2

  • Online ISBN: 978-3-540-77272-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics