Tackling the Time-Defence: An Instruction Count Based Micro-architectural Side-Channel Attack on Block Ciphers

  • Manaar Alam
  • Sarani Bhattacharya
  • Debdeep Mukhopadhyay
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10662)

Abstract

Hardware Performance Counters (HPCs) are present in most modern processors and provide an interface to user-level processes to monitor their processor performance in terms of the number of micro architectural events, executed during a process execution. In this paper, we analyze the leakage from these HPC events and present a new micro-architectural side-channel attack which observes number of instruction counts during the execution of an encryption algorithm as side-channel information to recover the secret key. This paper first demonstrates the fact that the instruction counts can act as a side-channel and then describes the Instruction Profiling Attack (IPA) methodology with the help of two block ciphers, namely AES and Clefia, on Intel and AMD processors. We follow the principles of profiled instruction attacks and show that the proposed attack is more potent than the well-known cache timing attacks in literature. We also perform experiments on ciphers implemented with popular time fuzzing schemes to subvert timing attacks. Our results show that while the countermeasure successfully stops leakages through the timing channels, it is vulnerable to the Instruction Profiling Attack. We validate our claims by detailed experiments on contemporary Intel and AMD platforms to demonstrate that seemingly benign instruction counts can serve as side-channels even for block cipher implementations which are hardened against timing attacks.

Keywords

Micro-architectural side-channel attack Hardware performance counters Cache-timing attack Block-cipher 

References

  1. 1.
    Aciiçmez, O.: Yet another microarchitectural attack: : exploiting I-cache. In: Proceedings of the 2007 ACM Workshop on Computer Security Architecture, CSAW 2007, Fairfax, VA, USA, 2 November 2007, pp. 11–18 (2007)Google Scholar
  2. 2.
    Acıiçmez, O., Schindler, W., Koç, Ç.K.: Cache based remote timing attack on the AES. In: Abe, M. (ed.) CT-RSA 2007. LNCS, vol. 4377, pp. 271–286. Springer, Heidelberg (2006).  https://doi.org/10.1007/11967668_18 CrossRefGoogle Scholar
  3. 3.
    Barreto, P.S.L.M.: The AES block cipher in C++Google Scholar
  4. 4.
    Bernstein, D.J.: Cache-timing attacks on AES. Techical report (2005)Google Scholar
  5. 5.
    Bernstein, D.J., Lange, T., Schwabe, P.: The security impact of a new cryptographic library. In: Hevia, A., Neven, G. (eds.) LATINCRYPT 2012. LNCS, vol. 7533, pp. 159–176. Springer, Heidelberg (2012).  https://doi.org/10.1007/978-3-642-33481-8_9 CrossRefGoogle Scholar
  6. 6.
    Bhattacharya, S., Rebeiro, C., Mukhopadhyay, D.: Unraveling timewarp: what all the fuzz is about? In: HASP 2013, The Second Workshop on Hardware and Architectural Support for Security and Privacy, Tel-Aviv, Israel, 23–24 June 2013, p. 8 (2013)Google Scholar
  7. 7.
    Federal Information Processing Standards Publication 197. Announcing the Advanced Encryption Standard (AES)Google Scholar
  8. 8.
    Granger, R., Page, D., Stam, M.: Hardware and software normal basis arithmetic for pairing-based cryptography in characteristic three. IEEE Trans. Comput. 54(7), 852–860 (2005)CrossRefGoogle Scholar
  9. 9.
    Intel 64 and IA-32 Architectures Software Developer’s Manual Volume 3 (3A, 3B, 3C & 3D): System Programming Guide (2010)Google Scholar
  10. 10.
    Liu, F., Yarom, Y., Ge, Q., Heiser, G., Lee, R.B.: Last-level cache side-channel attacks are practical. In: 2015 IEEE Symposium on Security and Privacy, SP 2015, San Jose, CA, USA, 17–21 May 2015, pp. 605–622 (2015)Google Scholar
  11. 11.
    Martin, R., Demme, J., Sethumadhavan, S.: Timewarp: rethinking timekeeping and performance monitoring mechanisms to mitigate side-channel attacks. In: 39th International Symposium on Computer Architecture (ISCA 2012), Portland, OR, USA, 9–13 June 2012, pp. 118–129 (2012)Google Scholar
  12. 12.
    Mukhopadhyay, D., Chakraborty, R.S.: Hardware Security: Design, Threats, and Safeguards, 1st edn. Chapman & Hall/CRC, Boca Raton (2014)Google Scholar
  13. 13.
    Neve, M., Seifert, J., Wang, Z.: A refined look at Bernstein’s AES side-channel analysis. In: Proceedings of the 2006 ACM Symposium on Information, Computer and Communications Security, ASIACCS 2006, Taipei, Taiwan, 21–24 March 2006, p. 369 (2006)Google Scholar
  14. 14.
    Nyberg, K.: Generalized Feistel networks. In: Kim, K., Matsumoto, T. (eds.) ASIACRYPT 1996. LNCS, vol. 1163, pp. 91–104. Springer, Heidelberg (1996).  https://doi.org/10.1007/BFb0034838 Google Scholar
  15. 15.
  16. 16.
    Osvik, D.A., Shamir, A., Tromer, E.: Cache attacks and countermeasures: the case of AES. In: Pointcheval, D. (ed.) CT-RSA 2006. LNCS, vol. 3860, pp. 1–20. Springer, Heidelberg (2006).  https://doi.org/10.1007/11605805_1 CrossRefGoogle Scholar
  17. 17.
    perf: Linux profiling with performance counters (2015)Google Scholar
  18. 18.
    Performance Application Programming Interface (2016)Google Scholar
  19. 19.
    Rebeiro, C., Mondal, M., Mukhopadhyay, D.: Pinpointing cache timing attacks on AES. In: VLSI Design 2010: 23rd International Conference on VLSI Design, 9th International Conference on Embedded Systems, Bangalore, India, 3–7 January 2010, pp. 306–311 (2010)Google Scholar
  20. 20.
    Rebeiro, C., Mukhopadhyay, D., Bhattacharya, S.: Timing Channels in Cryptography: A Micro-Architectural Perspective. Springer Publishing Company, Incorporated, Cham (2014).  https://doi.org/10.1007/978-3-319-12370-7 Google Scholar
  21. 21.
    Rebeiro, C., Mukhopadhyay, D., Takahashi, J., Fukunaga, T.: Cache timing attacks on clefia. In: Roy, B., Sendrier, N. (eds.) INDOCRYPT 2009. LNCS, vol. 5922, pp. 104–118. Springer, Heidelberg (2009).  https://doi.org/10.1007/978-3-642-10628-6_7 CrossRefGoogle Scholar
  22. 22.
    Sony Corporation: The 128-bit blockcipher Clefia: Algorithm specification (2007)Google Scholar
  23. 23.
    The OpenSSL Project. http://www.openssl.org
  24. 24.
  25. 25.
    Wang, X., Karri, R.: Numchecker: detecting kernel control-flow modifying rootkits by using hardware performance counters. In: The 50th Annual Design Automation Conference 2013, DAC 2013, Austin, TX, USA, 29 May–07 June 2013, pp. 79:1–79:7 (2013)Google Scholar
  26. 26.
    Wang, X., Karri, R.: Reusing hardware performance counters to detect and identify kernel control-flow modifying rootkits. IEEE Trans. CAD Integr. Circuits Syst. 35(3), 485–498 (2016)CrossRefGoogle Scholar
  27. 27.
    Wang, X., Konstantinou, C., Maniatakos, M., Karri, R.: Confirm: detecting firmware modifications in embedded systems using hardware performance counters. In: Proceedings of the IEEE/ACM International Conference on Computer-Aided Design, ICCAD 2015, Austin, TX, USA, 2–6 November 2015, pp. 544–551 (2015)Google Scholar

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  • Manaar Alam
    • 1
  • Sarani Bhattacharya
    • 1
  • Debdeep Mukhopadhyay
    • 1
  1. 1.Indian Institute of Technology, KharagpurKharagpurIndia

Personalised recommendations