On the Applicability of Time-Driven Cache Attacks on Mobile Devices

Raphael Spreitzer; Thomas Plos

doi:10.1007/978-3-642-38631-2_53

On the Applicability of Time-Driven Cache Attacks on Mobile Devices

Raphael Spreitzer, Thomas Plos

Institute of Applied Information Processing and Communications (7050)

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Cache attacks are known to be sophisticated attacks against cryptographic implementations on desktop computers. Recently, investigations of such attacks on specific testbeds with processors that are employed in mobile devices have been done. In this work we investigate the applicability of Bernstein's timing attack and the cache-collision attack by Bogdanov et al. in real environments on three state-of-the-art mobile devices: an Acer Iconia A510, a Google Nexus S, and a Samsung Galaxy SIII. We show that T-table based implementations of the Advanced Encryption Standard (AES) leak enough timing information on these devices in order to recover parts of the used secret key using Bernstein's timing attack. We also show that systems with a cache-line size larger than 32 bytes exacerbate the cache-collision attack of Bogdanov et al.

Original language	English
Title of host publication	Network and System Security - NSS 2013, 7th International Conference, Madrid, Spain, June 3-4, 2013, Proceedings
Publisher	Springer
Pages	656-662
Volume	7873
DOIs	https://doi.org/10.1007/978-3-642-38631-2_53
Publication status	Published - 2013
Event	International Conference on Network and System Security - Madrid, Spain Duration: 3 Jun 2013 → 4 Jun 2013

Publication series

Name	Lecture Notes in Computer Science
Publisher	Springer

Conference

Conference	International Conference on Network and System Security
Country	Spain
City	Madrid
Period	3/06/13 → 4/06/13

Fields of Expertise

Information, Communication & Computing

Treatment code (Nähere Zuordnung)

Application

Access to Document

10.1007/978-3-642-38631-2_53

paper.pdfFinal published version, 706 KB

Fingerprint Dive into the research topics of 'On the Applicability of Time-Driven Cache Attacks on Mobile Devices'. Together they form a unique fingerprint.

3 Finished

SeCoS - Secure Contactless Sphere - Smart RFID-Technologies for a Connected World
Bösch, W., Wenger, E., Khan, H. N., Schmidt, J., Gadringer, M. E., Spreitzer, R. C., Mendel, F., Gruss, D., Hutter, M., Freidl, P. F., Görtschacher, L. J., Mangard, S. & Grosinger, J.
1/01/13 → 31/12/15
Project: Research project
FWF - ReSIT - Realizing a Secure Internet of Things
Hutter, M., Wenger, E., Schmidt, J., Mendel, F., Mangard, S. & Posch, R.
1/07/12 → 31/05/16
Project: Research project
IMPA Lab
Posch, R., Rijmen, V., Posch, K., Kirschbaum, M., Schmidt, J., Schläffer, M., Szekely, A., Medwed, M., Plos, T., Peßl, P., Aigner, M. J., Wenger, E., Dominikus, S., Feldhofer, M., Hutter, M. & Oswald, M. E.
1/10/99 → 15/07/19
Project: Research area

Cite this

On the Applicability of Time-Driven Cache Attacks on Mobile Devices. / Spreitzer, Raphael; Plos, Thomas.

Network and System Security - NSS 2013, 7th International Conference, Madrid, Spain, June 3-4, 2013, Proceedings. Vol. 7873 Springer, 2013. p. 656-662 (Lecture Notes in Computer Science).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Spreitzer, R & Plos, T 2013, On the Applicability of Time-Driven Cache Attacks on Mobile Devices. in Network and System Security - NSS 2013, 7th International Conference, Madrid, Spain, June 3-4, 2013, Proceedings. vol. 7873, Lecture Notes in Computer Science, Springer, pp. 656-662, International Conference on Network and System Security, Madrid, Spain, 3/06/13. https://doi.org/10.1007/978-3-642-38631-2_53

@inproceedings{e265587712104affa5bc730e84d88946,

title = "On the Applicability of Time-Driven Cache Attacks on Mobile Devices",

abstract = "Cache attacks are known to be sophisticated attacks against cryptographic implementations on desktop computers. Recently, investigations of such attacks on specific testbeds with processors that are employed in mobile devices have been done. In this work we investigate the applicability of Bernstein's timing attack and the cache-collision attack by Bogdanov et al. in real environments on three state-of-the-art mobile devices: an Acer Iconia A510, a Google Nexus S, and a Samsung Galaxy SIII. We show that T-table based implementations of the Advanced Encryption Standard (AES) leak enough timing information on these devices in order to recover parts of the used secret key using Bernstein's timing attack. We also show that systems with a cache-line size larger than 32 bytes exacerbate the cache-collision attack of Bogdanov et al.",

author = "Raphael Spreitzer and Thomas Plos",

year = "2013",

doi = "10.1007/978-3-642-38631-2_53",

language = "English",

volume = "7873",

series = "Lecture Notes in Computer Science",

publisher = "Springer",

pages = "656--662",

booktitle = "Network and System Security - NSS 2013, 7th International Conference, Madrid, Spain, June 3-4, 2013, Proceedings",

}

TY - GEN

T1 - On the Applicability of Time-Driven Cache Attacks on Mobile Devices

AU - Spreitzer, Raphael

AU - Plos, Thomas

PY - 2013

Y1 - 2013

N2 - Cache attacks are known to be sophisticated attacks against cryptographic implementations on desktop computers. Recently, investigations of such attacks on specific testbeds with processors that are employed in mobile devices have been done. In this work we investigate the applicability of Bernstein's timing attack and the cache-collision attack by Bogdanov et al. in real environments on three state-of-the-art mobile devices: an Acer Iconia A510, a Google Nexus S, and a Samsung Galaxy SIII. We show that T-table based implementations of the Advanced Encryption Standard (AES) leak enough timing information on these devices in order to recover parts of the used secret key using Bernstein's timing attack. We also show that systems with a cache-line size larger than 32 bytes exacerbate the cache-collision attack of Bogdanov et al.

AB - Cache attacks are known to be sophisticated attacks against cryptographic implementations on desktop computers. Recently, investigations of such attacks on specific testbeds with processors that are employed in mobile devices have been done. In this work we investigate the applicability of Bernstein's timing attack and the cache-collision attack by Bogdanov et al. in real environments on three state-of-the-art mobile devices: an Acer Iconia A510, a Google Nexus S, and a Samsung Galaxy SIII. We show that T-table based implementations of the Advanced Encryption Standard (AES) leak enough timing information on these devices in order to recover parts of the used secret key using Bernstein's timing attack. We also show that systems with a cache-line size larger than 32 bytes exacerbate the cache-collision attack of Bogdanov et al.

U2 - 10.1007/978-3-642-38631-2_53

DO - 10.1007/978-3-642-38631-2_53

M3 - Conference contribution

VL - 7873

T3 - Lecture Notes in Computer Science

SP - 656

EP - 662

BT - Network and System Security - NSS 2013, 7th International Conference, Madrid, Spain, June 3-4, 2013, Proceedings

PB - Springer

ER -

On the Applicability of Time-Driven Cache Attacks on Mobile Devices

Abstract

Publication series

Conference

Fields of Expertise

Treatment code (Nähere Zuordnung)

Access to Document

SeCoS - Secure Contactless Sphere - Smart RFID-Technologies for a Connected World

FWF - ReSIT - Realizing a Secure Internet of Things

IMPA Lab

Cite this