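% Journal article record: Esfahani, Soleimany and Aref, "Modified cache template
% attack on AES", Scientia Iranica 29(4), 2022.
%
% Scope, as stated in the abstract: a Flush+Reload-based cache template attack
% on a T-table-based AES implementation on Intel platforms. The contribution is
% a search technique that shortens the profiling phase (by a factor of at most
% 64). The key exploitation phase recovers the most significant bits of the key
% bytes. Cite it as a result about table-lookup AES implementations, not about
% AES as a cipher.
%
% Reviewer notes on this record:
%  - The exported record had no citation key, so the entry could not be parsed.
%    The key below is constructed from first author, year and first title word.
%  - "pages" now uses the double-hyphen range form.
%  - "AES" in the title is brace-protected so sentence-casing styles keep it.
%  - Two missing spaces after full stops in the abstract were restored. The
%    wording is otherwise as exported.
%  - NOTE(review): "eprint" holds the publisher's PDF link, not an archive
%    identifier. Styles that print eprint will show the link as an e-print id.
%    It is kept as exported; confirm whether downstream tooling relies on it.
%  - Given names are initials as exported; expand them only once confirmed.
@article{esfahani2022modified,
  author    = {Esfahani, M. and Soleimany, H. and Aref, M. R.},
  title     = {Modified cache template attack on {AES}},
  journal   = {Scientia Iranica},
  volume    = {29},
  number    = {4},
  pages     = {1949--1956},
  year      = {2022},
  publisher = {Sharif University of Technology},
  issn      = {1026-3098},
  eissn     = {2345-3605},
  doi       = {10.24200/sci.2020.54534.3797},
  abstract  = {While it has been known for a long time that the cache behavior is a powerful source of the information leakage, more realistic attack scenarios have received a lot of attention by the cryptographic community. To develop practical cache-based attacks, there is an increasingly need to automate the process of finding exploitable cache-based side-channels in computer systems. Cache template attack is a generic technique that utilizes Flush+Reload attack in order to automatically exploit cache vulnerability of Intel platforms. Cache template attack on T-table-based AES implementation consists of two phases including the profiling phase and the key exploitation phase. Profiling is a preprocessing phase to monitor dependencies between the secret key and behavior of the cache memory. In addition, the addresses of T-tables can be obtained automatically. In the key exploitation phase, most significant bits (MSBs) of the secret key bytes are retrieved by monitoring exploitable addresses. In this paper, we propose a simple yet effective searching technique which accelerates the profiling phase by a factor of at most 64. To verify the theoretical model of our technique, we implement the described attack on AES. The experimental results confirmed a shorter runtime of the attack in comparison to the original attack.},
  keywords  = {Side-channel attacks,Flush+Reload attack,inclusive memory,AES,cache template attacks},
  url       = {https://scientiairanica.sharif.edu/article_22095.html},
  eprint    = {https://scientiairanica.sharif.edu/article_22095_880d28dd71da70c18decf740bec4ecb4.pdf},
}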