On the Applicability of Time-Driven Cache Attacks on Mobile Devices

Raphael Spreitzer; Thomas Plos

doi:10.1007/978-3-642-38631-2_53

On the Applicability of Time-Driven Cache Attacks on Mobile Devices

Raphael Spreitzer, Thomas Plos

Institut für Angewandte Informationsverarbeitung und Kommunikationstechnologie (7050)

Publikation: Beitrag in Buch/Bericht/Konferenzband › Beitrag in einem Konferenzband › Begutachtung

Abstract

Cache attacks are known to be sophisticated attacks against cryptographic implementations on desktop computers. Recently, investigations of such attacks on specific testbeds with processors that are employed in mobile devices have been done. In this work we investigate the applicability of Bernstein's timing attack and the cache-collision attack by Bogdanov et al. in real environments on three state-of-the-art mobile devices: an Acer Iconia A510, a Google Nexus S, and a Samsung Galaxy SIII. We show that T-table based implementations of the Advanced Encryption Standard (AES) leak enough timing information on these devices in order to recover parts of the used secret key using Bernstein's timing attack. We also show that systems with a cache-line size larger than 32 bytes exacerbate the cache-collision attack of Bogdanov et al.

Originalsprache	englisch
Titel	Network and System Security - NSS 2013, 7th International Conference, Madrid, Spain, June 3-4, 2013, Proceedings
Herausgeber (Verlag)	Springer
Seiten	656-662
Band	7873
DOIs	https://doi.org/10.1007/978-3-642-38631-2_53
Publikationsstatus	Veröffentlicht - 2013
Veranstaltung	International Conference on Network and System Security - Madrid, Spanien Dauer: 3 Juni 2013 → 4 Juni 2013

Publikationsreihe

Name	Lecture Notes in Computer Science
Herausgeber (Verlag)	Springer

Konferenz

Konferenz	International Conference on Network and System Security
Land/Gebiet	Spanien
Ort	Madrid
Zeitraum	3/06/13 → 4/06/13

Fields of Expertise

Information, Communication & Computing

Treatment code (Nähere Zuordnung)

Application

Zugriff auf Dokument

10.1007/978-3-642-38631-2_53

paper.pdfEndgültige, publizierte Fassung, 706 KB

SeCoS - Verbundene Welt [Original in Englisch: Secure Contactless Sphere Smart RFID-Technologies for a Connected World]
Bösch, W., Wenger, E., Khan, H. N., Schmidt, J., Gadringer, M. E., Spreitzer, R. C., Mendel, F., Gruss, D., Hutter, M., Freidl, P. F., Görtschacher, L. J., Mangard, S. & Grosinger, J.
1/01/13 → 31/12/15
Projekt: Forschungsprojekt
FWF -ReSIT - Umsetzung eines sicheren Internets der Dinge
Hutter, M., Wenger, E., Schmidt, J., Mendel, F., Mangard, S. & Posch, R.
1/07/12 → 31/05/16
Projekt: Forschungsprojekt
IMPA Lab
Posch, R., Rijmen, V., Posch, K., Kirschbaum, M., Schmidt, J., Schläffer, M., Szekely, A., Medwed, M., Plos, T., Peßl, P., Aigner, M. J., Wenger, E., Dominikus, S., Feldhofer, M., Hutter, M. & Oswald, M. E.
1/10/99 → 15/07/19
Projekt: Arbeitsgebiet

Dieses zitieren

On the Applicability of Time-Driven Cache Attacks on Mobile Devices. / Spreitzer, Raphael; Plos, Thomas.
Network and System Security - NSS 2013, 7th International Conference, Madrid, Spain, June 3-4, 2013, Proceedings. Band 7873 Springer, 2013. S. 656-662 (Lecture Notes in Computer Science).

Publikation: Beitrag in Buch/Bericht/Konferenzband › Beitrag in einem Konferenzband › Begutachtung

Spreitzer, R & Plos, T 2013, On the Applicability of Time-Driven Cache Attacks on Mobile Devices. in Network and System Security - NSS 2013, 7th International Conference, Madrid, Spain, June 3-4, 2013, Proceedings. Bd. 7873, Lecture Notes in Computer Science, Springer, S. 656-662, International Conference on Network and System Security, Madrid, Spanien, 3/06/13. https://doi.org/10.1007/978-3-642-38631-2_53

@inproceedings{e265587712104affa5bc730e84d88946,

title = "On the Applicability of Time-Driven Cache Attacks on Mobile Devices",

abstract = "Cache attacks are known to be sophisticated attacks against cryptographic implementations on desktop computers. Recently, investigations of such attacks on specific testbeds with processors that are employed in mobile devices have been done. In this work we investigate the applicability of Bernstein's timing attack and the cache-collision attack by Bogdanov et al. in real environments on three state-of-the-art mobile devices: an Acer Iconia A510, a Google Nexus S, and a Samsung Galaxy SIII. We show that T-table based implementations of the Advanced Encryption Standard (AES) leak enough timing information on these devices in order to recover parts of the used secret key using Bernstein's timing attack. We also show that systems with a cache-line size larger than 32 bytes exacerbate the cache-collision attack of Bogdanov et al.",

author = "Raphael Spreitzer and Thomas Plos",

year = "2013",

doi = "10.1007/978-3-642-38631-2_53",

language = "English",

volume = "7873",

series = "Lecture Notes in Computer Science",

publisher = "Springer",

pages = "656--662",

booktitle = "Network and System Security - NSS 2013, 7th International Conference, Madrid, Spain, June 3-4, 2013, Proceedings",

note = "International Conference on Network and System Security ; Conference date: 03-06-2013 Through 04-06-2013",

}

TY - GEN

T1 - On the Applicability of Time-Driven Cache Attacks on Mobile Devices

AU - Spreitzer, Raphael

AU - Plos, Thomas

PY - 2013

Y1 - 2013

N2 - Cache attacks are known to be sophisticated attacks against cryptographic implementations on desktop computers. Recently, investigations of such attacks on specific testbeds with processors that are employed in mobile devices have been done. In this work we investigate the applicability of Bernstein's timing attack and the cache-collision attack by Bogdanov et al. in real environments on three state-of-the-art mobile devices: an Acer Iconia A510, a Google Nexus S, and a Samsung Galaxy SIII. We show that T-table based implementations of the Advanced Encryption Standard (AES) leak enough timing information on these devices in order to recover parts of the used secret key using Bernstein's timing attack. We also show that systems with a cache-line size larger than 32 bytes exacerbate the cache-collision attack of Bogdanov et al.

AB - Cache attacks are known to be sophisticated attacks against cryptographic implementations on desktop computers. Recently, investigations of such attacks on specific testbeds with processors that are employed in mobile devices have been done. In this work we investigate the applicability of Bernstein's timing attack and the cache-collision attack by Bogdanov et al. in real environments on three state-of-the-art mobile devices: an Acer Iconia A510, a Google Nexus S, and a Samsung Galaxy SIII. We show that T-table based implementations of the Advanced Encryption Standard (AES) leak enough timing information on these devices in order to recover parts of the used secret key using Bernstein's timing attack. We also show that systems with a cache-line size larger than 32 bytes exacerbate the cache-collision attack of Bogdanov et al.

U2 - 10.1007/978-3-642-38631-2_53

DO - 10.1007/978-3-642-38631-2_53

M3 - Conference paper

VL - 7873

T3 - Lecture Notes in Computer Science

SP - 656

EP - 662

BT - Network and System Security - NSS 2013, 7th International Conference, Madrid, Spain, June 3-4, 2013, Proceedings

PB - Springer

T2 - International Conference on Network and System Security

Y2 - 3 June 2013 through 4 June 2013

ER -

On the Applicability of Time-Driven Cache Attacks on Mobile Devices

Abstract

Publikationsreihe

Konferenz

Fields of Expertise

Treatment code (Nähere Zuordnung)

Zugriff auf Dokument

Fingerprint

Projekte

SeCoS - Verbundene Welt [Original in Englisch: Secure Contactless Sphere Smart RFID-Technologies for a Connected World]

FWF -ReSIT - Umsetzung eines sicheren Internets der Dinge

IMPA Lab

Dieses zitieren