![Page 1: AES Side Channel Attacks Biru Cui Sam Skalicky. Outline AES algorithm Side channel attacks Side channel attack against AES Cache-collision timing attack](https://reader036.vdocuments.net/reader036/viewer/2022062417/5519b3c15503466f578b46d6/html5/thumbnails/1.jpg)
AES Side Channel Attacks
Biru Cui, Sam Skalicky
Outline
• AES algorithm
• Side channel attacks
• Side channel attack against AES
• Cache-collision timing attack against AES
• Countermeasures
AES Algorithm
• Key Expansion
• Initial Round
– Add Round Key – bitwise xor
• Rounds
– Sub Bytes – Sbox
– Shift Rows – rows shifted cyclically
– Mix Columns – mixing operation on the columns
– AddRoundKey
• Final Round (no Mix Columns)
– Sub Bytes
– Shift Rows
– Add Round Key
Rijndael Starting Data
Rijndael AES Steps
Rijndael Sub Bytes
Rijndael Shift Rows
Rijndael Mix Columns
Rijndael Add Round Key
AES Algorithm
• AES Lookup Table Optimizations
– Transposed State by Bertoni
• Speedup in decryption
– CAM based by Li
• Combined Sbox & inv Sbox into single table
– FPGA implementations
• Pre-computed GF ops in LUTs
Attacks on AES
• Brute force
• Related Key
• Side Channel
Side Channel Attacks
• Attacks through some implementation deficiency
– Timing of computations
– Power Analysis
– Fault Injection
– Electromagnetic Radiation
– Acoustic Cryptanalysis
– Cache
Cache-collision timing attack against AES
• Cache collision
– Hit
– Miss
– Time
Process Operation
• Cache observation
[Diagram: Victim Process and Spy Process, both scheduled by the CFS scheduler, sharing the Cache]
AES Cache Side Channel Attack
• AES-128
• Key recovery after observing ~100 encryptions
• Implementation in Linux against OpenSSL 0.9.8n
• Program does not require special privileges on the host machine
• Linux kernel task scheduler compromised
– Observe every memory access
– (CFS) Completely Fair Scheduler
AES Cache Attack Features
• No heuristic info about plain/ciphertexts
• Works against compressed tables
• 2 phase operation:
– Observation
• ~100 encryptions
• ~2-3 seconds
– Analysis
• ~3 minutes
Cache-collision timing attack against AES
• AES: operations on each byte
Cache-collision timing attack against AES
• System information
– Pentium III 1.0 GHz
• L1 cache 32K (split data/instr.)
• L2 cache 256K
– “T” lookup table size 256x256=64k
• Implication
– If the table is fully loaded in the cache, then there is no cache miss. This is the property that the first-round and final-round attacks rely on.
Cache-collision timing attack against AES
• AES: the computation of every round
[Figure: Actual Results, Pentium III. Timing deviation (cycles), -40 to 30, plotted against # of cache collisions, 0 to 20]
Cache-collision timing attack against AES
[Figure from [6]: Plaintext → Key xor → Table → … → Key xor → Table → Table → Key xor]
Cache-collision timing attack against AES
[Figure from [6]: Plaintext → Key xor → Table → … → Key xor → Table → Table → Key xor]
If a plaintext byte is known, as well as a first-round table lookup, a key byte is learned.
Cache-collision timing attack against AES
• First Round Attack
– Spy process flushes the cache
– The lookup table is not in the cache. In other words, a cache collision is only due to the same lookup table access index.
Cache-collision timing attack against AES
• First Round Attack
Cache-collision timing attack against AES
• First Round Attack
– If cache hits (access time less than average access time)
– Count the average encryption time for every pair $(p_i, p_j)$. If a low average time occurs for a pair $p_i$ and $p_j$, there is a high probability that $p_i \oplus k_i = p_j \oplus k_j$.
Cache-collision timing attack against AES
• Final Round Attack
– The final round lookup table $T_4$ is different from the previous lookup tables $T_0, T_1, T_2, T_3$, so there is no $T_4$ in the cache. If there is a collision, it is due to the same lookup table index.
Cache-collision timing attack against AES
• Final Round Attack– No MixColumns operations
Cache-collision timing attack against AES
• Final Round Attack
Cache-collision timing attack against AES
• Final Round Attack
– If cache hits (access time less than average access time)
– Count the average encryption time for every pair $(c_i, c_j)$. If a low average time occurs for a pair $c_i$ and $c_j$, there is a high probability that $c_i \oplus k^{10}_i = c_j \oplus k^{10}_j$.
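The collision conditions behind the first-round and final-round attacks, as an added example that is not part of the slides or of [6]: the first round looks byte i up as T[i % 4][p_i ^ k_i], the final round looks every byte up in the single table T4 as T4[c_i ^ k10_i], so a collision between positions i and j pins down the XOR of two key bytes. The key, plaintext and ciphertext values are constructed for the demonstration.

```python
"""Added example (not from the slides): cache-collision conditions for the
first and final AES rounds, checked on constructed data.
First round: byte i uses T[i % 4][p_i ^ k_i]; two lookups into the same
table collide exactly when p_i ^ k_i == p_j ^ k_j.
Final round: every byte uses the one table T4[c_i ^ k10_i], so any pair
of positions can collide."""
from itertools import combinations


def first_round_collisions(plaintext: bytes, key: bytes) -> list:
    """Pairs (i, j) whose first-round lookups share a table and an index."""
    idx = [p ^ k for p, k in zip(plaintext, key)]      # AddRoundKey output
    return [(i, j) for i, j in combinations(range(16), 2)
            if i % 4 == j % 4 and idx[i] == idx[j]]


def final_round_collisions(ciphertext: bytes, k10: bytes) -> list:
    """Pairs (i, j) whose final-round T4 lookups share an index."""
    idx = [c ^ k for c, k in zip(ciphertext, k10)]     # undo last AddRoundKey
    return [(i, j) for i, j in combinations(range(16), 2) if idx[i] == idx[j]]


def collisions_give_key_xor(plaintext: bytes, key: bytes) -> bool:
    """The slide's inference: a first-round collision (i, j) reveals
    k_i ^ k_j, because p_i ^ k_i == p_j ^ k_j rearranges to p_i ^ p_j."""
    return all(plaintext[i] ^ plaintext[j] == key[i] ^ key[j]
               for i, j in first_round_collisions(plaintext, key))


def key_candidates(xor_with_byte0: list) -> list:
    """Collision relations only fix k_i ^ k_0; even with all 15 of them the
    128-bit key is known only up to the 256 possible values of k_0."""
    return [bytes(k0 ^ d for d in xor_with_byte0) for k0 in range(256)]


# Constructed sample: plaintext arranged so that bytes 0 and 4 (same table,
# T0) get the same index 0x10 while every other index stays distinct.
KEY = bytes(range(16))
PLAINTEXT = bytes([0x10, 0, 0, 0, 0x14] + [0] * 11)

if __name__ == "__main__":
    print(first_round_collisions(PLAINTEXT, KEY))       # [(0, 4)]
    print(collisions_give_key_xor(PLAINTEXT, KEY))      # True
    deltas = [KEY[0] ^ KEY[i] for i in range(16)]
    print(len(key_candidates(deltas)), KEY in key_candidates(deltas))
```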
Cache-collision timing attack against AES
• Result

| Attack | Encryptions needed | Sample type |
|---|---|---|
| Bernstein | 5.272 | Plaintext/timing |
| Tsunoo | 262 | Plaintext/timing |
| First/Final round attack | 152 | Plaintext/timing |
Countermeasures
– AES can be performed without using lookup tables
– Give OS ability to partition cache between processes
– Put AES table into ROM, add special instructions
– Separate AES hardware on chip (new Intel CPUs)
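The first countermeasure, AES without lookup tables, as an added example that is not from the slides: SubBytes is computed arithmetically (GF(2^8) inversion followed by the affine map) rather than read from a 256-byte S-box or a T-table, so no memory access is indexed by secret data. The remaining data-dependent branch in gf_mul is the reason production code goes further and bitslices.

```python
"""Added example (not from the slides): table-free SubBytes. The S-box
value is derived from the multiplicative inverse in GF(2^8) plus the affine
map, so no array is indexed by a key-dependent byte. gf_mul still branches
on its operand bits; a constant-time implementation would bitslice it."""


def gf_mul(a: int, b: int) -> int:
    """Multiply in GF(2^8) modulo the AES polynomial x^8+x^4+x^3+x+1."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a = ((a << 1) ^ 0x11b) if a & 0x80 else (a << 1)
        b >>= 1
    return r & 0xff


def gf_inv(a: int) -> int:
    """a^254 == a^-1 in GF(2^8); maps 0 to 0, as the S-box requires."""
    r, e = 1, 254
    while e:                       # fixed exponent: same loop for every input
        if e & 1:
            r = gf_mul(r, a)
        a = gf_mul(a, a)
        e >>= 1
    return r


def rotl8(x: int, n: int) -> int:
    return ((x << n) | (x >> (8 - n))) & 0xff


def sbox(x: int) -> int:
    """Forward S-box: affine map applied to the multiplicative inverse."""
    y = gf_inv(x)
    return y ^ rotl8(y, 1) ^ rotl8(y, 2) ^ rotl8(y, 3) ^ rotl8(y, 4) ^ 0x63


def inv_sbox(x: int) -> int:
    """Inverse S-box: undo the affine map, then invert in GF(2^8)."""
    y = rotl8(x, 1) ^ rotl8(x, 3) ^ rotl8(x, 6) ^ 0x05
    return gf_inv(y)


def sub_bytes(state: bytes) -> bytes:
    """Table-free SubBytes over a 16-byte AES state."""
    return bytes(sbox(b) for b in state)


def roundtrip_ok() -> bool:
    """inv_sbox(sbox(x)) == x for all 256 byte values."""
    return all(inv_sbox(sbox(x)) == x for x in range(256))
```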
References
• [1] Rijndael flash movie: http://www.cs.bc.edu/~straubin/cs381-05/blockciphers/rijndael_ingles2004.swf
• [2] G. Bertoni et al., "Efficient Software Implementation of AES on 32-Bit Platforms"
• [3] H. Li, "A New CAM Based S/S−1-Box Look-up Table in AES"
• [4] M. McLoone et al., "Rijndael FPGA Implementations Utilising Look-Up Tables"
• [5] D. Gullasch et al., "Cache Games – Bringing Access-Based Cache Attacks on AES to Practice"
• [6] J. Bonneau et al., "Cache-Collision Timing Attacks Against AES"
• [7] Dag Arne Osvik et al., "Cache Attacks and Countermeasures: the Case of AES"
Backup slides
Original Mix Columns Equations
Revised Mix Columns Equations
FPGA LUT Implementation