Improving cache attacks by considering cipher structure

  • Yukiyasu Tsunoo
  • Etsuko Tsujihara
  • Maki Shigeri
  • Hiroyasu Kubo
  • Kazuhiko Minematsu
Regular Contribution

Abstract

A concrete attack using side-channel information from cache memory behaviour was first proposed at ISITA 2002. The attack uses the difference between the execution times of S-box cache hits and cache misses to recover the intermediate key. Recently, a theoretical estimate of the number of messages needed for the attack was proposed, and it was reported that the average method obtains key information with fewer messages than the maximum threshold or intermediate threshold methods. Taking the structure of the cipher into account, this paper presents a cache attack that embodies the average method and provides improved key estimation. The paper also includes a study of an attack that exploits internal collisions.

Keywords: Block cipher · Side channel attack · Timing attack · Cache attack



Copyright information

© Springer-Verlag 2006

Authors and Affiliations

  • Yukiyasu Tsunoo (1)
  • Etsuko Tsujihara (2)
  • Maki Shigeri (3)
  • Hiroyasu Kubo (3)
  • Kazuhiko Minematsu (1)

  1. NEC Corporation, Kawasaki, Japan
  2. Y.D.K. Co. Ltd., Inagi, Japan
  3. NEC Software Hokuriku Ltd., Hakusan, Japan