Analysis of Countermeasures Against Access Driven Cache Attacks on AES

  • Johannes Blömer
  • Volker Krummel
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4876)


Cache-based attacks (CBAs) exploit the different access times of main memory and cache memory to determine information about the internal state of cryptographic algorithms. CBAs turn out to be very powerful attacks, also in practice. In this paper we present a general and strong model for analyzing security against CBAs. We introduce the notions of information leakage and resistance and use them to analyze the security of several implementations of AES. Furthermore, we analyze how random permutations can be used to protect against CBAs. By presenting a successful attack on an AES implementation protected by random permutations, we show that random permutations applied in a straightforward manner are not enough to protect against CBAs. Hence, to improve upon the security provided by random permutations, we describe the property a permutation must have in order to prevent the leakage of some key bits through CBAs.


Keywords: cache attacks, AES, threat model, countermeasures, random permutations



Copyright information

© Springer-Verlag Berlin Heidelberg 2007

Authors and Affiliations

  • Johannes Blömer (1)
  • Volker Krummel (1)
  1. Faculty of Computer Science, Electrical Engineering and Mathematics, University of Paderborn, Germany
