Spy Cartel: Parallelizing Evict+Time-Based Cache Attacks on Last-Level Caches

  • Himanshi JainEmail author
  • D. Anthony Balaraju
  • Chester Rebeiro


A powerful cache timing attack cannot only determine the secret key of a cryptographic cipher accurately but also do so quickly. Cache timing attacks that utilize the shared L1 cache memory are known to have these two characteristics. On the other hand, attacks using the shared last-level cache (LLC) memory are not always successful in obtaining the secret key, and they take considerably longer than an L1 cache attack. This paper leverages the fact that all LLC attacks run on multi-core CPUs, facilitating the attack programs to be parallelized. We show how parallelization can be used to reduce the runtime and improve the attack’s success making it at par with L1 cache attacks. We then propose a new methodology for LLC cache attacks, by which an attacker can maximize the attack success for a given time frame. The only additional requirement is learning about the target system’s runtime behavior, which is done offline. We validate all our claims on a 4-core and a 10-core CPU.


Cache timing attacks Last-level cache memories Evict+Time Multi-core CPUs 



  1. 1.
    Acıiċmez O, Koç CK (2006) Trace-driven cache attacks on AES (short paper). In: International conference on information and communications security. Springer, pp 112–121Google Scholar
  2. 2.
    Aciiçmez O, Koç CK, Seifert J-P (2007) Predicting secret keys via branch prediction. In: The cryptographers’ track at the RSA conference 2007, San Francisco, CA, USA, February 5–9, 2007, proceedings, pp 225–242Google Scholar
  3. 3.
    Aciiçmez O, Brumley BB, Grabher P (2010) New results on instruction cache attacks. In: Cryptographic hardware and embedded systems, CHES 2010, 12th international workshop, Santa Barbara, CA, USA, August 17–20, 2010, proceedings, volume 6225 of lecture notes in computer science. Springer, pp 110–124Google Scholar
  4. 4.
    Apecechea GI, Inci MS, Eisenbarth T, Sunar B (2014) Wait a minute! a fast, cross-vm attack on AES. In: Research in attacks, intrusions and defenses - 17th international symposium, RAID 2014, Gothenburg, Sweden, September 17–19, 2014, proceedings, volume 8688 of lecture notes in computer science. Springer, pp 299–319Google Scholar
  5. 5.
    Apecechea GI, Eisenbarth T, Berk S (2015) S$a: a shared cache attack that works across cores and defies VM sandboxing - and its application to AES. In: 2015 IEEE symposium on security and privacy, SP 2015, San Jose, CA, USA, May 17–21, 2015, pp 591–604Google Scholar
  6. 6.
    Bernstein DJ (2005) Cache-timing attacks on AES.
  7. 7.
    Bertoni G, Zaccaria V, Breveglieri L, Monchiero M, Palermo G (2005) AES power attack based on induced cache miss and countermeasure. In: International conference on information technology: coding and computing, 2005. ITCC 2005, vol 1. IEEE, pp 586–591Google Scholar
  8. 8.
    Bonneau J, Mironov I (2006) Cache-collision timing attacks against AES. In: Cryptographic hardware and embedded systems - CHES 2006, 8th international workshop, Yokohama, Japan, October 10–13, 2006, proceedings, volume 4249 of lecture notes in computer science. Springer, pp 201–215Google Scholar
  9. 9.
    Brumley BB, Hakala RM (2009) Cache-timing template attacks. In: Advances in cryptology - ASIACRYPT 2009, 15th international conference on the theory and application of cryptology and information security, Tokyo, Japan, December 6–10, 2009. Proceedings, pp 667–684Google Scholar
  10. 10.
    Goodwill BJG, Jaffe J, Rohatgi P, et al. (2011) A testing methodology for side-channel resistance validation. In: NIST non-invasive attack testing workshopGoogle Scholar
  11. 11.
    Gullasch D, Bangerter E, Krenn S (2011) Cache games - bringing access-based cache attacks on AES to practice. In: 32nd IEEE symposium on security and privacy, S&P 2011, 22–25 May 2011, Berkeley, California, USA. IEEE Computer Society, pp 490–505Google Scholar
  12. 12.
    Hund R, Willems C, Holz T (2013) Practical timing side channel attacks against kernel space ASLR. In: 20th annual network and distributed system security symposium, NDSS 2013, San Diego, California, USA, February 24–27, 2013Google Scholar
  13. 13.
    Kocher P, Genkin D, Gruss D, Haas W, Hamburg M, Lipp M, Mangard S, Prescher T, Schwarz M, Yarom Y (2018) Spectre attackes: exploiting speculative execution. arXiv:1801.01203
  14. 14.
    Koeune F, Quisquater J-J (1999) A timing attack against RijndaelGoogle Scholar
  15. 15.
    Lauradoux C (2005) Collision attacks on processors with cache and countermeasures. In: WEWoRC 2005 - Western European workshop on research in cryptology, July 5–7, 2005, Leuven, Belgium, volume 74 of LNI, pp 76–85. GI. ISBN 3-88579-403-9Google Scholar
  16. 16.
    Lipp M, Schwarz M, Gruss D, Prescher T, Haas W, Mangard S, Kocher P, Genkin D, Yarom Y, Hamburg M (2018) Meltdown. arXiv:1801.01207
  17. 17.
    Liu F, Yarom Y, Ge Q, Heiser G, Lee RB (2015) Last-level cache side-channel attacks are practical. In: 2015 IEEE symposium on security and privacy, SP 2015, San Jose, CA, USA, May 17–21, 2015, pp 605–622Google Scholar
  18. 18.
    Massey JL (1994) Guessing and entropy. In: 1994 IEEE international symposium on information theory, 1994. Proceedings. IEEE, p 204Google Scholar
  19. 19.
    Maurice C, Le Scouarnec N, Neumann C, Heen O, Francillon A (2015) Reverse engineering intel last-level cache complex addressing using performance counters. In: Research in attacks, intrusions, and defenses - 18th international symposium, RAID 2015, Kyoto, Japan, November 2–4, 2015, Proceedings, volume 9404 of lecture notes in computer science. Springer, pp 48–65Google Scholar
  20. 20.
    Neve M, Seifert J-P (2006) Advances on access-driven cache attacks on AES. In: Selected areas in cryptography, 13th international workshop, SAC 2006, Montreal, Canada, August 17–18, 2006 revised selected papers, volume 4356 of lecture notes in computer science. Springer, pp 147–162Google Scholar
  21. 21.
    Neve M, Seifert J-P, Wang Z (2006) A refined look at Bernstein’s AES side-channel analysis. In: Proceedings of the 2006 ACM symposium on Information, computer and communications security, ASIACCS 2006, Taipei, Taiwan, March 21–24, 2006. ISBN 1-59593-272-0. ACM, p 369Google Scholar
  22. 22.
    Oren Y, Kemerlis VP, Sethumadhavan S, Keromytis AD (2015) The spy in the sandbox: practical cache attacks in Javascript and their implications. In: Proceedings of the 22nd ACM SIGSAC conference on computer and communications security, Denver, CO, USA, October 12–6, 2015. ACM, pp 1406–1418Google Scholar
  23. 23.
    Osvik DA, Shamir A, Tromer E (2006) Cache attacks and countermeasures: the case of AES. In: Topics in cryptology - CT-RSA 2006, the cryptographers’ track at the RSA conference 2006, San Jose, CA, USA, February 13–17, 2006. Proceedings, volume 3860 of lecture notes in computer science. Springer, pp 1–20Google Scholar
  24. 24.
    Percival C (2005) Cache missing for fun and profit. BSDCan: 1–13Google Scholar
  25. 25.
    Rebeiro C, Mukhopadhyay D (2015) Micro-architectural analysis of time-driven cache attacks quest for the ideal implementation. IEEE Trans Comput 64(3):778–790MathSciNetCrossRefGoogle Scholar
  26. 26.
    Rebeiro C, Mukhopadhyay D, Takahashi J, Fukunaga T (2009) Cache timing attacks on clefia. In: Progress in cryptology - INDOCRYPT 2009, 10th international conference on cryptology in India, New Delhi, India, December 13–16, 2009. Proceedings, volume 5922 of lecture notes in computer science. Springer, pp 104–118Google Scholar
  27. 27.
    Rebeiro C, Mondal M, Mukhopadhyay D (2010) Pinpointing cache timing attacks on AES. In: 23Rd international conference on VLSI design, 9th international conference on embedded systems, Bangalore, India, 3–7 January 2010. IEEE Computer Society, pp 306–311Google Scholar
  28. 28.
    Ristenpart T, Tromer E, Shacham H, Savage S (2009) Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds. In: Proceedings of the 16th ACM conference on computer and communications security. ACM, pp 199–212Google Scholar
  29. 29.
    Tiri K, Aciiçmez O, Neve M, Andersen F (2007) An analytical model for time-driven cache attacks. In: FSE 2007, Luxembourg, March 26–28, 2007, revised selected papers, volume 4593 of lecture notes in computer science. Springer, pp 399–413Google Scholar
  30. 30.
    Tromer E, Osvik DA, Shamir A (2010) Efficient cache attacks on AES, and countermeasures. J Cryptol 23(1):37–71MathSciNetCrossRefGoogle Scholar
  31. 31.
    Tsunoo Y, Saito T, Suzaki T, Shigeri M, Miyauchi H (2003) Cryptanalysis of DES implemented on computers with cache. In: CHES 2003, 5Th international workshop, Cologne, Germany, September 8–10, 2003, proceedings, volume 2779 of lecture notes in computer science. Springer, pp 62–76Google Scholar
  32. 32.
    Varadarajan V, Zhang Y, Ristenpart T, Swift MM (2015) A placement vulnerability study in multi-tenant public clouds. In: USENIX security symposium, pp 913–928Google Scholar
  33. 33.
    Zhang X, Wang H, Zhenyu W (2015) A measurement study on co-residence threat inside the cloud. In: USENIX security symposium, pp 929–944Google Scholar
  34. 34.
    Yarom Y, Katrina F (2014) FLUSH+RELOAD: a high resolution, low noise, l3 cache side-channel attack. In: Proceedings of the 23rd USENIX security symposium, San Diego, CA, USA, August 20–22, 2014. USENIX Association, pp 719–732Google Scholar
  35. 35.
    Yarom Y, Ge Q, Liu F, Lee RB, Heiser G (2015) Mapping the intel last-level cache. IACR Cryptology ePrint Archive 2015:905Google Scholar
  36. 36.
    Zhao X-J, Wang T (2010) Improved cache trace attack on AES and CLEFIA by considering cache miss and s-box misalignment. IACR Cryptology ePrint Archive 2010:56Google Scholar

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  1. 1.Indian Institute of Technology MadrasChennaiIndia

Personalised recommendations