Cache Based Power Analysis Attacks on AES

  • Jacques Fournier
  • Michael Tunstall
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4058)


This paper describes possible attacks against software implementations of AES running on processors with cache mechanisms, particularly in the case of smart cards. These attacks are based on side-channel information gained by observing cache hits and misses in the current drawn by the smart card. Two different attacks are described. The first is a combination of ideas proposed in [2] and [11] to produce an attack that only requires the manipulation of the plain text and the observation of the current. The second is an attack based on specific implementations of the xtime function [10]. These attacks are shown to also work against algorithms using Boolean data masking techniques as a DPA countermeasure.


Smart Card Clock Cycle Advance Encryption Standard Plain Text Cache Line 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Akkar, M.-L., Giraud, C.: An implementation of DES and AES, secure against some attacks. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, pp. 309–318. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  2. 2.
    Bernstein, D.J.: Cache timing attacks on AES (2004),
  3. 3.
    Bertoni, G., Zaccaria, V., Breveglieri, L., Monchiero, M., Palermo, G.: AES power attack based on induced cache miss and countermeasures. In: International Symposium on Information Technology: Coding and Computing – ITCC 2005, pp. 586–591. IEEE Computer Society Press, Los Alamitos (2005)Google Scholar
  4. 4.
    Clavier, C., Coron, J.-S., Dabbous, N.: Differential power analysis in the presence of hardware countermeasures. In: Paar, C., Koç, Ç.K. (eds.) CHES 2000. LNCS, vol. 1965, pp. 252–263. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  5. 5.
    Hennessy, J.L., Patterson, D.A.: Computer Architecture: A Quantitative Approach. Morgan Kaufmann, San Francisco (2003)Google Scholar
  6. 6.
    Kocher, P.C., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)Google Scholar
  7. 7.
    Messerges, T.S.: Power Analysis Attacks and Countermeasures for Cryptographic Algorithms. PhD thesis, University of Illinois, Chicago (2000)Google Scholar
  8. 8.
    MIPS-Technologies. SmartMIPS ASE,
  9. 9.
    MIPS-Technologies. MIPSTMarchitecture for programmers, vol. I: Introduction to the MIPS32TMarchitecture. Technical Report MD00082, Revision 0.95 (March 2001)Google Scholar
  10. 10.
    National Institute of Standards and Technology. Advanced encryption standard (AES) (FIPS–197) (2001)Google Scholar
  11. 11.
    Osvik, D.A., Shamir, A., Tromer, E.: Cache attacks and countermeasures: The case of AES. In: Pointcheval, D. (ed.) CT-RSA 2006. LNCS, vol. 3860, pp. 1–20. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  12. 12.
    Page, D.: Theoretical use of cache memory as a cryptanalytic side–channel. Cryptology ePrint Archive, Report 2002/169 (2002),
  13. 13.
    Page, D.: Defending against cache based side-channel attacks. Information Security Technical Report 8(1), 30–44 (2003)CrossRefGoogle Scholar
  14. 14.
    Rao, J.R., Rohatgi, P., Scherzer, H., Tinguely, S.: Partitioning attacks: or how to rapidly clone some gsm cards. In: Proceedings of the IEEE Symposium on Security and Privacy, pp. 31–41 (2002)Google Scholar
  15. 15.
    Infineon Technologies AG Secure and Mobile Solutions Security Group. Security & chip cards ICs SLE88Cx4000P, preliminary short product information 04.03 (2003)Google Scholar
  16. 16.
    Tsunoo, Y., Saito, T., Suzaki, T., Shigeri, M., Miyauchi, H.: Cryptanalysis of DES implemented on computers with cache. In: Walter, C.D., Koç, Ç.K., Paar, C. (eds.) CHES 2003. LNCS, vol. 2779, pp. 62–76. Springer, Heidelberg (2003)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Jacques Fournier
    • 1
    • 2
  • Michael Tunstall
    • 3
  1. 1.Computer LaboratoryUniversity of CambridgeCambridgeUK
  2. 2.Security Technologies DepartmentGemplus Card InternationalLa CiotatFrance
  3. 3.Smart Card Centre, Information Security Group, Royal HollowayUniversity of LondonEghamUK

Personalised recommendations