Projekte pro Jahr
Abstract
Side-channel attacks are usually performed by employing the "divide-and-conquer" approach, meaning that leaking information is collected in a divide step, and later on exploited in the conquer step. The idea is to extract as much information as possible during the divide step, and to exploit the gathered information as efficiently as possible within the conquer step.
Focusing on both of these steps, we discuss potential enhancements of Bernstein's cache-timing attack against the Advanced Encryption Standard (AES). Concerning the divide part, we analyze the impact of attacking different key-chunk sizes, aiming at the extraction of more information from the overall encryption time. Furthermore, we analyze the most recent improvement of time-driven cache attacks, presented by Aly and ElGayyar, according to its applicability on ARM Cortex-A platforms. For the conquer part, we employ the optimal key-enumeration algorithm as proposed by Veyrat-Charvillon et al. to significantly reduce the complexity of the exhaustive key-search phase compared to the currently employed threshold-based approach. This in turn leads to more practical attacks. Additionally, we provide extensive experimental results of the proposed enhancements on two Android-based smartphones, namely a Google Nexus S and a Samsung Galaxy SII.
Focusing on both of these steps, we discuss potential enhancements of Bernstein's cache-timing attack against the Advanced Encryption Standard (AES). Concerning the divide part, we analyze the impact of attacking different key-chunk sizes, aiming at the extraction of more information from the overall encryption time. Furthermore, we analyze the most recent improvement of time-driven cache attacks, presented by Aly and ElGayyar, according to its applicability on ARM Cortex-A platforms. For the conquer part, we employ the optimal key-enumeration algorithm as proposed by Veyrat-Charvillon et al. to significantly reduce the complexity of the exhaustive key-search phase compared to the currently employed threshold-based approach. This in turn leads to more practical attacks. Additionally, we provide extensive experimental results of the proposed enhancements on two Android-based smartphones, namely a Google Nexus S and a Samsung Galaxy SII.
| Originalsprache | englisch |
|---|---|
| Titel | Information Security Theory and Practice. Securing the Internet of Things - 8th IFIP WG 11.2 International Workshop, WISTP 2014, Heraklion, Crete, Greece, June 30 - July 2, 2014. Proceedings. |
| Redakteure/-innen | David Naccache, Damien Sauveron |
| Herausgeber (Verlag) | Springer |
| Seiten | 24-39 |
| Band | 8501 |
| ISBN (Print) | 978-3-662-43825-1 |
| DOIs | |
| Publikationsstatus | Veröffentlicht - 2014 |
| Veranstaltung | Workshop in Information Security Theory and Practices - Heraklion, Griechenland Dauer: 30 Juni 2014 → 2 Juli 2014 |
Publikationsreihe
| Name | Lecture Notes in Computer Science |
|---|---|
| Herausgeber (Verlag) | Springer |
Konferenz
| Konferenz | Workshop in Information Security Theory and Practices |
|---|---|
| Land/Gebiet | Griechenland |
| Ort | Heraklion |
| Zeitraum | 30/06/14 → 2/07/14 |
Fields of Expertise
- Information, Communication & Computing
Treatment code (Nähere Zuordnung)
- Application
Fingerprint
Untersuchen Sie die Forschungsthemen von „Towards More Practical Time-Driven Cache Attacks“. Zusammen bilden sie einen einzigartigen Fingerprint.Projekte
- 2 Abgeschlossen
-
SeCoS - Verbundene Welt [Original in Englisch: Secure Contactless Sphere Smart RFID-Technologies for a Connected World]
Bösch, W., Wenger, E., Khan, H. N., Schmidt, J., Gadringer, M. E., Spreitzer, R. C., Mendel, F., Gruss, D., Hutter, M., Freidl, P. F., Görtschacher, L. J., Mangard, S. & Grosinger, J.
1/01/13 → 31/12/15
Projekt: Forschungsprojekt