Modified cache template attack on AES

Document Type : Article


1 Department of Mathematics, Karaj Branch, Islamic Azad University, Karaj, Iran

2 Cyberspace Research Institute, Shahid Beheshti University, Tehran, Iran

3 Department of Electrical Engineering, Sharif University of Technology, Tehran, Iran


While it has long been known that cache behavior is a powerful source of information leakage, more realistic attack scenarios have recently received a lot of attention from the cryptographic community. To develop practical cache-based attacks, there is an increasing need to automate the process of finding exploitable cache-based side channels in computer systems. The cache template attack is a generic technique that uses the Flush+Reload attack to automatically exploit cache vulnerabilities on Intel platforms. A cache template attack on a T-table-based AES implementation consists of two phases: a profiling phase and a key exploitation phase.
Profiling is a preprocessing phase that monitors the dependencies between the secret key and the behavior of the cache memory. As a by-product, the addresses of the T-tables are obtained automatically.
In the key exploitation phase, the most significant bits (MSBs) of the secret key bytes are retrieved by monitoring the exploitable addresses. In this paper, we propose a simple yet effective searching technique that accelerates the profiling phase by a factor of at most 64. To verify the theoretical model of our technique, we implement the described attack on AES. The experimental results confirm a shorter runtime of the attack compared to the original attack.

