Understanding cache attacks

Anne Canteaut 1 Cédric Lauradoux 1 André Seznec 2
1 CODES - Coding and cryptography
Inria Paris-Rocquencourt
2 CAPS - Compilation, parallel architectures and system
IRISA - Institut de Recherche en Informatique et Systèmes Aléatoires, Inria Rennes – Bretagne Atlantique
Abstract : This paper points out that both the micro-architecture of the processor and the cache initial state impact the amount of side-channel information which is provided by analyzing the cache behaviour during a symmetric encryption. Therefore, the vulnerability of a block cipher implementation based on lookup tables highly varies with the encryption context and with the targeted platform. Our results then clarify some simulations reported by Bernstein and show that they can be reproduced only in a very particular context. However, we point out that some AES key bits can be recovered even if all lookup tables lie in the cache before each encryption, i.e., if all cache misses are avoided.
Document type :
Reports
[Research Report] RR-5881, INRIA. 2006
Liste complète des métadonnées

Cited literature [1 references]  Display  Hide  Download

https://hal.inria.fr/inria-00071387
Contributor : Rapport de Recherche Inria <>
Submitted on : Tuesday, May 23, 2006 - 5:07:02 PM
Last modification on : Friday, November 16, 2018 - 1:31:01 AM
Document(s) archivé(s) le : Sunday, April 4, 2010 - 10:09:15 PM

Identifiers

  • HAL Id : inria-00071387, version 1

Citation

Anne Canteaut, Cédric Lauradoux, André Seznec. Understanding cache attacks. [Research Report] RR-5881, INRIA. 2006. 〈inria-00071387〉

Share

Metrics

Record views

462

Files downloads

479