Differential Cache-Collision Timing Attacks on AES with Applications to Embedded CPUs

Andrey Bogdanov, Thomas Eisenbarth, Christof Paar, Malte Wienecke

Research output: Chapter in Book/Report/Conference proceeding › Article in proceedings › Research › peer-review

Abstract

This paper proposes a new type of cache-collision timing attack on software implementations of AES. Our main technique is differential in nature and is based on the internal cryptographic properties of AES, namely the MDS property of the linear code that provides the diffusion matrix used in the MixColumns transform. It is a chosen-plaintext attack in which pairs of AES executions are treated differentially. The method can easily be converted into a chosen-ciphertext attack. We also thoroughly study the physical behavior of cache memory that enables this attack. On the practical side, we demonstrate that our theoretical findings lead to efficient real-world attacks on embedded systems implementing AES, using ARM9 as the example. As this is one of the most widespread embedded platforms today [7], our experimental results may make a revision of the practical security of many embedded applications with security functionality necessary. To the best of our knowledge, this is the first paper to study cache timing attacks on embedded systems. © 2010 Springer-Verlag.
Original language: English
Title of host publication: Topics in Cryptology - CT-RSA 2010. Proceedings
Publisher: Springer
Publication date: 2010
Pages: 235-251
ISBN (Print): 978-3-642-11924-8
ISBN (Electronic): 978-3-642-11925-5
Publication status: Published - 2010
Externally published: Yes
Event: CT-RSA 2010: The Cryptographers' Track at the RSA Conference 2010 - San Francisco, CA, United States
Duration: 1 Mar 2010 - 5 Mar 2010

Conference

Conference: CT-RSA 2010
Country: United States
City: San Francisco, CA
Period: 01/03/2010 - 05/03/2010
Series: Lecture Notes in Computer Science
Volume: 5985
ISSN: 0302-9743