Cache Based Remote Timing Attack on the AES

  • Onur Acıiçmez
  • Werner Schindler
  • Çetin K. Koç
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4377)


We introduce a new robust cache-based timing attack on AES. We present experiments and concrete evidence that our attack can be used to obtain secret keys of remote cryptosystems if the server under attack runs on a multitasking or simultaneous multithreading system with a large enough workload. This is an important difference to recent cache-based timing attacks as these attacks either did not provide any supporting experimental results indicating if they can be applied remotely, or they are not realistically remote attacks.


Cache Attack Remote Attack AES Timing Analysis Side Channel Analysis 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Acıiçmez, O., Schindler, W., Koç, Ç.K.: Improving Brumley and Boneh Timing Attack on Unprotected SSL Implementations. In: Meadows, C., Syverson, P. (eds.) ACM CCS 2005, Virginia, pp. 139–146 (2005)Google Scholar
  2. 2.
    Acıiçmez, O., Koç, Ç.K.: Trace-Driven Cache Attacks on AES. Cryptology ePrint Archive, Report 2006/138 (2006), Available at:
  3. 3.
    Acıiçmez, O., Koç, Ç.K., Seifert, J.-P.: Predicting Secret Keys via Branch Prediction. In: Abe, M. (ed.) CT-RSA 2007. LNCS, vol. 4377. Springer, Heidelberg (2006)Google Scholar
  4. 4.
    Agrawal, D., Archambeault, B., Rao, J.R., Rohatgi, P.: The EM Side-Channel(s). In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 29–45. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  5. 5.
    Bernstein, D.J.: Cache-timing attacks on AES (April 2005), Available at:
  6. 6.
    Bertoni, G., Zaccaria, V., Breveglieri, L., Monchiero, M., Palermo, G.: AES Power Attack Based on Induced Cache Miss and Countermeasure. In: ITCC 2005, pp. 586–591. IEEE Computer Society, Los Alamitos (2005)Google Scholar
  7. 7.
    Bleichenbacher, D.: Chosen Ciphertext Attacks Against Protocols Based on the RSA Encryption Standard PKCS #1. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 1–12. Springer, Heidelberg (1998)Google Scholar
  8. 8.
    Bonneau, J., Mironov, I.: Cache-Collision Timing Attacks against AES. In: Goubin, L., Matsui, M. (eds.) CHES 2006. LNCS, vol. 4249. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  9. 9.
    Brickell, E., Graunke, G., Neve, M., Seifert, J.-P.: Software mitigations to hedge AES against cache-based software side channel vulnerabilities. Cryptology ePrint Archive, Report 2006/052 (2006), Available at:
  10. 10.
    Brumley, D., Boneh, D.: Remote Timing Attacks are Practical. In: Proceedings of the 12th Usenix Security Symposium, pp. 1–14 (2003)Google Scholar
  11. 11.
    Daemen, J., Rijmen, V.: The Design of Rijndael. Springer, Berlin (2001)Google Scholar
  12. 12.
    Feller, W.: An Introduction to Probability Theory, 3rd edn. Wiley, New York (1970) (revised printing)Google Scholar
  13. 13.
    Gandolfi, K., Mourtel, C., Olivier, F.: Electromagnetic Analysis: Concrete Results. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, pp. 251–261. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  14. 14.
    Kelsey, J., Schneier, B., Wagner, D., Hall, C.: Side Channel Cryptanalysis of Product Ciphers. Journal of Computer Security 8, 141–158 (2000)Google Scholar
  15. 15.
    Kocher, P.C.: Timing Attacks on Implementations of Diffie–Hellman, RSA, DSS, and Other Systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996)Google Scholar
  16. 16.
    Kocher, P.C., Jaffe, J., Jun, B.: Differential Power Analysis. In: Wiener, M.J. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)Google Scholar
  17. 17.
    Lauradoux, C.: Collision attacks on processors with cache and countermeasures. In: Wolf, C., Lucks, S., Yau, P.-W. (eds.) WEWoRC 2005, Kl̈len, Bonn. LNI, vol. P-74, pp. 76–85 (2005)Google Scholar
  18. 18.
    Neve, M., Seifert, J.-P., Wang, Z.: A refined look at Bernstein’s AES side-channel analysis. In: ASIA CCS 2006, pp. 369–369. ACM Press, New York (2006)Google Scholar
  19. 19.
    Seifert, J.-P., Neve, M.: Advances on Access-Driven Cache Attacks on AES. In: Biham, E., Youssef, A.M. (eds.) SAC 2006. LNCS, vol. 4356, pp. 147–162. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  20. 20.
    Osvik, D.A., Shamir, A., Tromer, E.: Cache Attacks and Countermeasures: The Case of AES. In: Pointcheval, D. (ed.) CT-RSA 2006. LNCS, vol. 3860, pp. 1–20. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  21. 21.
    Page, D.: Theoretical Use of Cache Memory as a Cryptanalytic Side-Channel. Technical Report CSTR-02-003, Department of Computer Science, University of Bristol (June 2002)Google Scholar
  22. 22.
    Page, D.: Defending Against Cache Based Side-Channel Attacks. Technical Report. Department of Computer Science, University of Bristol (2003)Google Scholar
  23. 23.
    Page, D.: Partitioned Cache Architecture as a Side Channel Defence Mechanism. Cryptography ePrint Archive, Report 2005/280 (2005), Available at:
  24. 24.
    Percival, C.: Cache missing for fun and profit. In: BSDCan 2005, Ottawa (2005), Available at:
  25. 25.
    Schindler, W.: On the Optimization of Side-Channel Attacks by Advanced Stochastic Methods. In: Vaudenay, S. (ed.) PKC 2005. LNCS, vol. 3386, pp. 85–103. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  26. 26.
    Tsunoo, Y., Tsujihara, E., Minematsu, K., Miyauchi, H.: Cryptanalysis of Block Ciphers Implemented on Computers with Cache. In: ISITA 2002, IEEE Information Theory Society, pp. 803–806 (2002)Google Scholar
  27. 27.
    Tsunoo, Y., Saito, T., Suzaki, T., Shigeri, M., Miyauchi, H.: Cryptanalysis of DES Implemented on Computers with Cache. In: Walter, C.D., Koç, Ç.K., Paar, C. (eds.) CHES 2003. LNCS, vol. 2779, pp. 62–76. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  28. 28.
    Tsunoo, Y., Tsujihara, E., Shigeri, M., Kubo, H., Minematsu, K.: Improving cache attacks by considering cipher structure. International Journal of Information Security (February 2006)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Onur Acıiçmez
    • 1
  • Werner Schindler
    • 2
  • Çetin K. Koç
    • 1
    • 3
  1. 1.School of EECS, CorvallisOregon State UniversityUSA
  2. 2.Bundesamt für Sicherheit in der Informationstechnik (BSI)BonnGermany
  3. 3.Information Security Research CenterIstanbul Commerce University, EminönüIstanbulTurkey

Personalised recommendations