A Generic Method for the Analysis of a Class of Cache Attacks: A Case Study for AES

Bibliographic Details
Published in: Computer Journal, Vol. 58, no. 10, pp. 2716-2737
Main Authors: Savaş, Erkay; Yılmaz, Cemal
Format: Journal Article
Language: English
Published: Oxford, Oxford Publishing Limited (England), 01.10.2015
ISSN: 0010-4620
EISSN: 1460-2067
DOI: 10.1093/comjnl/bxv027

Abstract
In this paper, we present a methodology to evaluate the feasibility, effectiveness and complexity of a class of cache-based side-channel attacks. The methodology provides estimates on the lower bound of the required number of observations on the side channel and the number of trials for a successful attack. As a case study, a weak implementation of the Advanced Encryption Standard algorithm is selected to apply the proposed methodology to three different categories of cache-based attacks, namely access-driven, trace-driven and time-driven attacks. The approach, however, is generic in the sense that it can be applied to other algorithms that are subject to micro-architectural side-channel attacks. The adopted approach bases its analysis method partially on the conditional entropy of secret keys given the observations, via the side channel, of the intermediate variables in software implementations of cryptographic algorithms, and explores the extent to which these observations can be exploited in a successful attack. Provided that the intermediate variables are relatively simple functions of the key material and the known inputs or outputs of the cryptographic algorithm, a successful attack is theoretically feasible. Our methodology emphasizes the need for an analysis of this leakage through such intermediate variables and demonstrates a systematic way to measure it. The method allows us to explore every attack possibility, estimate the feasibility of an attack, and compare the efficiency and the costs of different attack strategies in order to determine an optimal level of effective countermeasures.
Copyright: Oxford Publishing Limited (England), Oct 2015
Peer Reviewed: true
Subject Terms: Algorithms; Cache; Case studies; Channels; Cryptography; Data encryption; Entropy; Estimates; Feasibility; Mathematical models; Methodology; Software
URI: https://www.proquest.com/docview/1720470668
URI: https://www.proquest.com/docview/1762086349