A cache timing attack on AES in virtualization environments

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 7397 LNCS, Issue , 2012, Pages 314-328

  Weiß, Michael ^a   Heinz, Benedikt ^a   Stumpf, Frederic ^a  

^a FRAUNHOFER AISEC   (Germany)

Author keywords

AES; Cache; Embedded; L4; Microkernel; Timing; Trusted Execution Environment; Virtualization

Indexed keywords

AES; CACHE; EMBEDDED; EXECUTION ENVIRONMENTS; L4; MICROKERNEL; TIMING; VIRTUALIZATIONS;

SECURITY OF DATA; VIRTUAL REALITY;

CRYPTOGRAPHY;

EID: 84865833121     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/978-3-642-32946-3_23     Document Type: Conference Paper

References (23)

1. Aciiçmez, O., Koç, Ç.K.: Trace-Driven Cache Attacks on AES (Short Paper). In: Ning, P., Qing, S., Li, N. (eds.) ICICS 2006. LNCS, vol. 4307, pp. 112-121. Springer, Heidelberg (2006)
2. Aciiçmez, O., Schindler, W., Koç, Ç.K.: Cache Based Remote Timing Attack on the AES. In: Abe, M. (ed.) CT-RSA 2007. LNCS, vol. 4377, pp. 271-286. Springer, Heidelberg (2006)
3. ARM Limited. ARM Security Technology - Building a Secure System using Trust-Zone Technology, prd29-genc-009492c edition (April 2009)
4. Bailey, S.A., Felton, D., Galindo, V., Hauswirth, F., Hirvimies, J., Fokle, M., Morenius, F., Colas, C., Galvan, J.-P.: The trusted execution environment: Delivering enhanced security at a lower cost to the mobile market. Technical report. Global Platform Inc. (2011)
5. Barreto, P., Bosselaers, A., Rijmen, V.: Optimised ANSI C code for the Rijndael cipher, now AES (2000), http://fastcrypto.org/front/misc/rijndael-alg- fst.c
6. Bernstein, D.J.: Poly1305-AES for generic computers with IEEE floating point (February 2005), http://cr.yp.to/mac/53.html
7. Bernstein, D.J.: Cache-timing attacks on AES. Technical report (2005)
8. Bogdanov, A., Eisenbarth, T., Paar, C., Wienecke, M.: Differential cache-collision timing attacks on aes with applications to embedded cpus. In: The Cryptographer's Track at RSA Conference, pp. 235-251 (2010)
9. Bonneau, J., Mironov, I.: Cache-Collision Timing Attacks Against AES. In: Goubin, L., Matsui, M. (eds.) CHES 2006. LNCS, vol. 4249, pp. 201-215. Springer, Heidelberg (2006)
10. Brumley, B.B., Hakala, R.M.: Cache-Timing Template Attacks. In: Matsui, M. (ed.) ASIACRYPT 2009. LNCS, vol. 5912, pp. 667-684. Springer, Heidelberg (2009)
11. Intel Corporation. Intel R® virtualization technology list (accessed September 15 (2011), http://ark.intel.com/VTList.aspx
12. Brian Gladman (2008), http://gladman.plushost.co.uk/oldsite/AES/aes-byte- 29-08-08.zip
13. GlobalPlatform Inc. TEE Client API Specification Version 1.0 (July 2010)
14. Gueron, S., Stronqin, G., Seifert, J.-P., Chiou, D., Sendag, R., Yi, J.J.: Where does security stand? new vulnerabilities vs. trusted computing. IEEE Micro 27(6), 25-35 (2007)
15. Gullasch, D., Bangerter, E., Krenn, S.: Cache Games - Bringing access-based cache attacks on AES to practice. In: IEEE Symposium on Security and Privacy, S&P 2011. IEEE Computer Society (2011)
16. Neve, M., Seifert, J.-P., Wang, Z.: A refined look at bernstein's aes side-channel analysis. In: ASIACCS, p. 369 (2006)
17. Osvik, D.A., Shamir, A., Tromer, E.: Cache Attacks and Countermeasures: The Case of AES. In: Pointcheval, D. (ed.) CT-RSA 2006. LNCS, vol. 3860, pp. 1-20. Springer, Heidelberg (2006)
18. Percival, C.: Cache missing for fun and profit. In: Proc. of BSDCan 2005 (2005)
19. Niyaz, P.K.: Advanced Encryption Standard implementation in C
20. Ristenpart, T., Tromer, E., Shacham, H., Savage, S.: Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds. In: Proceedings of the 16th ACM Conference on Computer and Communications Security, CCS 2009, pp. 199-212. ACM, New York (2009)
21. Smith, J., Nair, R.: Virtual Machines: Versatile Platforms for Systems and Processes. The Morgan Kaufmann Series in Computer Architecture and Design. Morgan Kaufmann Publishers Inc., San Francisco (2005)
22. The OpenSSL Project. OpenSSL: The Open Source toolkit for SSL/TLS (February 2011), http://www.openssl.org
23. TU Dresden Operating Systems Group. The Fiasco microkernel, http://os.inf.tu-dresden.de/fiasco/ (accessed April 6, 2011)