Cache Based Power Analysis Attacks on AES
This paper describes possible attacks against software implementations of AES running on processors with cache mechanisms, particularly in the case of smart cards. These attacks are based on side-channel information gained by observing cache hits and misses in the current drawn by the smart card. Two different attacks are described. The first is a combination of ideas proposed in  and  to produce an attack that only requires the manipulation of the plain text and the observation of the current. The second is an attack based on specific implementations of the xtime function . These attacks are shown to also work against algorithms using Boolean data masking techniques as a DPA countermeasure.
KeywordsSmart Card Clock Cycle Advance Encryption Standard Plain Text Cache Line
Unable to display preview. Download preview PDF.
- 2.Bernstein, D.J.: Cache timing attacks on AES (2004), http://cr.yp.to/antiforgery/cachetiming-20050414.pdf
- 3.Bertoni, G., Zaccaria, V., Breveglieri, L., Monchiero, M., Palermo, G.: AES power attack based on induced cache miss and countermeasures. In: International Symposium on Information Technology: Coding and Computing – ITCC 2005, pp. 586–591. IEEE Computer Society Press, Los Alamitos (2005)Google Scholar
- 5.Hennessy, J.L., Patterson, D.A.: Computer Architecture: A Quantitative Approach. Morgan Kaufmann, San Francisco (2003)Google Scholar
- 6.Kocher, P.C., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)Google Scholar
- 7.Messerges, T.S.: Power Analysis Attacks and Countermeasures for Cryptographic Algorithms. PhD thesis, University of Illinois, Chicago (2000)Google Scholar
- 8.MIPS-Technologies. SmartMIPS ASE, http://www.mips.com/content/Products/
- 9.MIPS-Technologies. MIPSTMarchitecture for programmers, vol. I: Introduction to the MIPS32TMarchitecture. Technical Report MD00082, Revision 0.95 (March 2001)Google Scholar
- 10.National Institute of Standards and Technology. Advanced encryption standard (AES) (FIPS–197) (2001)Google Scholar
- 12.Page, D.: Theoretical use of cache memory as a cryptanalytic side–channel. Cryptology ePrint Archive, Report 2002/169 (2002), http://eprint.iacr.org/
- 14.Rao, J.R., Rohatgi, P., Scherzer, H., Tinguely, S.: Partitioning attacks: or how to rapidly clone some gsm cards. In: Proceedings of the IEEE Symposium on Security and Privacy, pp. 31–41 (2002)Google Scholar
- 15.Infineon Technologies AG Secure and Mobile Solutions Security Group. Security & chip cards ICs SLE88Cx4000P, preliminary short product information 04.03 (2003)Google Scholar