Presentation is loading. Please wait.

Presentation is loading. Please wait.

Full AES key extraction in 65 milliseconds using cache attacks

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Full AES key extraction in 65 milliseconds using cache attacks"— Presentation transcript:

1 Full AES key extraction in 65 milliseconds using cache attacks
Dag Arne Osvik Adi Shamir 1 Eran Tromer 1 1 Weizmann Institute of Science

2 Main memory CPU CPU cache memory CPU core

3 Cache Attacks The state of the cache persists between processes, resulting in inter-process contention for cache resources. The data in the memory and caches is protected by virtual memory mechanisms, but the metadata is unprotected. This causes a leak of information about memory access patterns. … which can be exploited cryptanalytically (e.g., breaking AES) … very efficiently (e.g., just 300 encryptions for a known-plaintext attack) … or in a very powerful attack model (no knowledge of plaintexts or ciphertexts)

4 Past works on cache attacks
Covert channels [Hu ‘92] Theoretical attacks [Page ‘02] Timing attacks using internal collisions in block ciphers [Tsunoo Tsujihara Minematsu Miyuachi ’02] [Tsunoo Saito Suzaki Shigeri Miyauchi ’03] Recently: Timing attacks on AES based on external collisions [Bernstein ’04] Cache probing attack, Improved timing attacks via cache modeling, “Hyper Attacks” on AES [Osvik Shamir Tromer ’05] “Hyper Attacks” on RSA [Percival ’05] UPDATES

5 A typical software implementation of AES
char p[16], k[16]; // plaintext and key int32 T0[256],T1[256],T2[256],T3[256]; // lookup tables int32 Col[4]; // intermediate state ... /* Round 1 */ Col[0] T0[p[ 0]©k[ 0]]  T1[p[ 5]©k[ 5]]  T2[p[10]©k[10]]  T3[p[15]©k[15]]; Col[1] T0[p[ 4]©k[ 4]]  T1[p[ 9]©k[ 9]]  T2[p[14]©k[14]]  T3[p[ 3]©k[ 3]]; Col[2] T0[p[ 8]©k[ 8]]  T1[p[13]©k[13]]  T2[p[ 2]©k[ 2]]  T3[p[ 7]©k[ 7]]; Col[3] T0[p[12]©k[12]]  T1[p[ 1]©k[ 1]]  T2[p[ 6]©k[ 6]]  T3[p[11]©k[11]]; lookup index = plaintext  key (and the parameters are favorable to the attack)

6 Associative memory cache
memory block (64 bytes) main memory cache set (4 cache lines) cache line (64 bytes) cache

7 AES tables in memory T0 DRAM cache

8 Detecting access to AES tables (basic idea)
Attacker memory T0 DRAM cache

9 Attack 1: Evict+Time Selectively manipulate the state of the cache (e.g., evict a full cache set) Trigger encryption Measure how long it took Deduce what cache sets it accessed … cryptanalyze Our experimental result When attacking OpenSSL AES encryptions, can recover full key using 35 seconds of measurements.

10 Attack 2: Prime+Probe Fill cache with attacker’s own data
Trigger encryption Time access to attacker memory to see if it is still in cache Deduce what cache sets the encryption accessed … cryptanalyze Oblivious to timing variability in attacker code, hence applicable to larger real systems.

11 Attack 2 Our experimental results:
When attacking OpenSSL AES encryptions: Full key recovery using 16 milliseconds of measurements (300 encryptions with known inputs). Next talk: If you have known outputs, 30 encryptions suffice. When attacking a Linux dm-crypt AES encrypted filesystem (complicated system call going through filesystem, VM, scheduler…): Full key recovery using 65 milliseconds of measurements (800 encryptions) and 3 seconds of off-line analysis.

12 Attack 3: “Hyper Attack”
No explicit interaction between attacker and victim. No knowledge of specific plaintexts or ciphertexts. One implementation exploits HyperThreading. Fill cache with attacker’s data Wait for someone else to perform encryption Time access to attacker memory to see if it is still in cache Deduce what cache sets the encryption accessed … cryptanalyze based on knowledge of prior distribution of plaintexts/ciphertexts

13 Experimental results measuring OpenSSL AES encryption of English text

14 Implications Impact: Easy to deploy – pure software Hard to detect
Multiuser systems VPNs Virtual machines Trusted computing Sandboxes (JVM, JavaScript) Remote attacks Easy to deploy – pure software Hard to detect Hard to protect efficiently Full paper on my webpage:

Download ppt "Full AES key extraction in 65 milliseconds using cache attacks"

Similar presentations

Chapter 3 Public Key Cryptography and Message authentication.

Chapter 3 Public Key Cryptography and Message authentication.
AES Side Channel Attacks

AES Side Channel Attacks
Rohit Kugaonkar CMSC 601 Spring 2011 May 9 th 2011

Rohit Kugaonkar CMSC 601 Spring 2011 May 9 th 2011
Fabián E. Bustamante, Spring 2007

Fabián E. Bustamante, Spring 2007
Xiutao Feng Institute of Software Chinese Academy of Sciences A Byte-Based Guess and Determine Attack on SOSEMANUK.

Xiutao Feng Institute of Software Chinese Academy of Sciences A Byte-Based Guess and Determine Attack on SOSEMANUK.
Operating Systems Lecture 10 Issues in Paging and Virtual Memory Adapted from Operating Systems Lecture Notes, Copyright 1997 Martin C. Rinard. Zhiqing.

Operating Systems Lecture 10 Issues in Paging and Virtual Memory Adapted from Operating Systems Lecture Notes, Copyright 1997 Martin C. Rinard. Zhiqing.
White-Box Cryptography

White-Box Cryptography
Cryptography and Network Security Chapter 5 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 5 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Wide Collisions in Practice Xin Ye, Thomas Eisenbarth Florida Atlantic University, USA 10 th ACNS 2012- Singapore.

Wide Collisions in Practice Xin Ye, Thomas Eisenbarth Florida Atlantic University, USA 10 th ACNS Singapore.
Symmetric Encryption Example: DES Weichao Wang. 2 Overview of the DES A block cipher: – encrypts blocks of 64 bits using a 64 bit key – outputs 64 bits.

Symmetric Encryption Example: DES Weichao Wang. 2 Overview of the DES A block cipher: – encrypts blocks of 64 bits using a 64 bit key – outputs 64 bits.
Exploring timing based side channel attacks against 802.11i CCMP Suman Jana, Sneha K. Kasera University of Utah Introduction

Exploring timing based side channel attacks against i CCMP Suman Jana, Sneha K. Kasera University of Utah Introduction
1 Information Security – Theory vs. Reality 0368-4474-01, Winter 2011 Lecture 1: Introduction Eran Tromer.

1 Information Security – Theory vs. Reality , Winter 2011 Lecture 1: Introduction Eran Tromer.
Cryptanalysis through Cache Address Leakage Eran Tromer Adi Shamir Dag Arne Osvik.

Cryptanalysis through Cache Address Leakage Eran Tromer Adi Shamir Dag Arne Osvik.
Towards Application Security On Untrusted OS

Towards Application Security On Untrusted OS
Overview of Cryptography and Its Applications Dr. Monther Aldwairi New York Institute of Technology- Amman Campus INCS741: Cryptography.

Overview of Cryptography and Its Applications Dr. Monther Aldwairi New York Institute of Technology- Amman Campus INCS741: Cryptography.
Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.

Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.
Lecture 3: Cryptographic Tools modified from slides of Lawrie Brown.

Lecture 3: Cryptographic Tools modified from slides of Lawrie Brown.
1 Introduction to Security and Cryptology Enterprise Systems DT211 Denis Manley.

1 Introduction to Security and Cryptology Enterprise Systems DT211 Denis Manley.
1 Introduction to Information Security 0368-3065, Spring 2013 Lecture 9: Trusted computing architecture (cont.) Side-channel attacks Eran Tromer Slides.

1 Introduction to Information Security , Spring 2013 Lecture 9: Trusted computing architecture (cont.) Side-channel attacks Eran Tromer Slides.
On Recycling Encryption Schemes or

On Recycling Encryption Schemes or

Similar presentations

Ads by Google