Chapter

Advances in Cryptology – ASIACRYPT 2009

Volume 5912 of the series Lecture Notes in Computer Science pp 667-684

Cache-Timing Template Attacks

  • Billy Bob BrumleyAffiliated withLancaster UniversityDepartment of Information and Computer Science, Helsinki University of Technology
  • , Risto M. HakalaAffiliated withLancaster UniversityDepartment of Information and Computer Science, Helsinki University of Technology

Abstract

Cache-timing attacks are a serious threat to security-critical software. We show that the combination of vector quantization and hidden Markov model cryptanalysis is a powerful tool for automated analysis of cache-timing data; it can be used to recover critical algorithm state such as key material. We demonstrate its effectiveness by running an attack on the elliptic curve portion of OpenSSL (0.9.8k and under). This involves automated lattice attacks leading to key recovery within hours. We carry out the attack on live cache-timing data without simulating the side channel, showing these attacks are practical and realistic.

Keywords

cache-timing attacks side channel attacks elliptic curve cryptography