On the Applicability of Time-Driven Cache Attacks on Mobile Devices

  • Raphael Spreitzer
  • Thomas Plos
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7873)

Abstract

Cache attacks are known to be sophisticated attacks against cryptographic implementations on desktop computers. Recently, investigations of such attacks on specific testbeds with processors that are employed in mobile devices have been done. In this work we investigate the applicability of Bernstein’s [2] timing attack and the cache-collision attack by Bogdanov et al. [4] in real environments on three state-of-the-art mobile devices: an Acer Iconia A510, a Google Nexus S, and a Samsung Galaxy SIII. We show that T-table based implementations of the Advanced Encryption Standard (AES) leak enough timing information on these devices in order to recover parts of the used secret key using Bernstein’s timing attack. We also show that systems with a cache-line size larger than 32 bytes exacerbate the cache-collision attack of Bogdanov et al. [4].

Keywords

AES, ARM Cortex-A series processors, time-driven cache attacks, cache-collision attacks

References

  1.
  2. Bernstein, D.J.: Cache-timing attacks on AES (2005), http://cr.yp.to/antiforgery/cachetiming-20050414.pdf
  3. Bertoni, G., Zaccaria, V., Breveglieri, L., Monchiero, M., Palermo, G.: AES Power Attack Based on Induced Cache Miss and Countermeasure. In: ITCC (1), pp. 586–591 (2005)
  4. Bogdanov, A., Eisenbarth, T., Paar, C., Wienecke, M.: Differential Cache-Collision Timing Attacks on AES with Applications to Embedded CPUs. In: Pieprzyk, J. (ed.) CT-RSA 2010. LNCS, vol. 5985, pp. 235–251. Springer, Heidelberg (2010)
  5. Gallais, J.-F., Kizhvatov, I.: Error-Tolerance in Trace-Driven Cache Collision Attacks. In: COSADE, Darmstadt, pp. 222–232 (2011)
  6. Gullasch, D., Bangerter, E., Krenn, S.: Cache Games - Bringing Access-Based Cache Attacks on AES to Practice. In: IEEE SP, pp. 490–505 (2011)
  7. National Institute of Standards and Technology (NIST). FIPS-197: Advanced Encryption Standard (November 2001)
  8. Neve, M.: Cache-based Vulnerabilities and SPAM Analysis. PhD thesis, UCL (2006)
  9. OpenSSL Software Foundation. OpenSSL Project (2012), http://www.openssl.org/
  10. Spreitzer, R., Plos, T.: Cache-Access Pattern Attack on Disaligned AES T-Tables. In: COSADE 2013. LNCS. Springer (in press, 2013)
  11. Spreitzer, R., Plos, T.: On the Applicability of Time-Driven Cache Attacks on Mobile Devices (Extended Version). Cryptology ePrint Archive, Report 2013/172 (2013), http://eprint.iacr.org/
  12. Tromer, E., Osvik, D.A., Shamir, A.: Efficient Cache Attacks on AES, and Countermeasures. Journal of Cryptology 23(1), 37–71 (2010)
  13. Weiß, M., Heinz, B., Stumpf, F.: A Cache Timing Attack on AES in Virtualization Environments. In: Keromytis, A.D. (ed.) FC 2012. LNCS, vol. 7397, pp. 314–328. Springer, Heidelberg (2012)

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Raphael Spreitzer (1)
  • Thomas Plos (1)
  1. Institute for Applied Information Processing and Communications (IAIK), Graz University of Technology, Graz, Austria
