Skip to Main content Skip to Navigation

Understanding cache attacks

Anne Canteaut 1 Cédric Lauradoux 1 André Seznec 2 
1 CODES - Coding and cryptography
Inria Paris-Rocquencourt
2 CAPS - Compilation, parallel architectures and system
IRISA - Institut de Recherche en Informatique et Systèmes Aléatoires, Inria Rennes – Bretagne Atlantique
Abstract : This paper points out that both the micro-architecture of the processor and the cache initial state impact the amount of side-channel information which is provided by analyzing the cache behaviour during a symmetric encryption. Therefore, the vulnerability of a block cipher implementation based on lookup tables highly varies with the encryption context and with the targeted platform. Our results then clarify some simulations reported by Bernstein and show that they can be reproduced only in a very particular context. However, we point out that some AES key bits can be recovered even if all lookup tables lie in the cache before each encryption, i.e., if all cache misses are avoided.
Document type :
Complete list of metadata

Cited literature [1 references]  Display  Hide  Download
Contributor : Rapport De Recherche Inria Connect in order to contact the contributor
Submitted on : Tuesday, May 23, 2006 - 5:07:02 PM
Last modification on : Thursday, February 3, 2022 - 11:13:55 AM
Long-term archiving on: : Sunday, April 4, 2010 - 10:09:15 PM


  • HAL Id : inria-00071387, version 1


Anne Canteaut, Cédric Lauradoux, André Seznec. Understanding cache attacks. [Research Report] RR-5881, INRIA. 2006. ⟨inria-00071387⟩



Record views


Files downloads