Improved Cache Trace Attack on AES and CLEFIA by Considering Cache Miss and S-box Misalignment

This paper presents an improved cache trace attack on AES and CLEFIA that takes into account cache miss trace information and S-box misalignment. In 2006, O. Aciicmez et al. presented a trace-driven cache attack on the first two rounds of AES and pointed out that, if the number of elements in a cache block is 16, at most 48 bits of the AES key can be obtained in the first-round attack. Their attack assumes the ideal case in which the S-box elements are perfectly aligned in the cache block. However, this paper finds that the S-box elements are usually misaligned; exploiting this feature together with cache miss trace information, about 200 samples are enough to obtain the full 128-bit AES key within seconds. In 2010, Chester Rebeiro et al. presented the first trace-driven cache attack on CLEFIA, which uses cache hit information and obtains the 128-bit key with 2 CLEFIA encryptions. In this paper, we present a new attack on CLEFIA that uses cache miss information and S-box misalignment, and successfully obtain the CLEFIA-128 key with about 220 samples within seconds.

[1] Vincent Rijmen et al. The Design of Rijndael: AES - The Advanced Encryption Standard, 2002.

[2] Hiroshi Miyauchi et al. Cryptanalysis of DES Implemented on Computers with Cache, 2003, CHES.

[3] Onur Aciiçmez et al. Trace-Driven Cache Attacks on AES (Short Paper), 2006, ICICS.

[4] Dan Page et al. Theoretical Use of Cache Memory as a Cryptanalytic Side-Channel, 2002, IACR Cryptol. ePrint Arch.

[5] Wang Tao et al. Robust First Two Rounds Access Driven Cache Timing Attack on AES, 2008, 2008 International Conference on Computer Science and Software Engineering.

[6] Adi Shamir et al. Cache Attacks and Countermeasures: The Case of AES, 2006, CT-RSA.

[7] Joseph Bonneau et al. Robust Final-Round Cache-Trace Attacks Against AES, 2006, IACR Cryptol. ePrint Arch.

[8] Onur Aciiçmez et al. Trace-Driven Cache Attacks on AES, 2006, IACR Cryptol. ePrint Arch.

[9] Joseph Bonneau et al. Cache-Collision Timing Attacks Against AES, 2006, CHES.

[10] Paul C. Kocher et al. Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems, 1996, CRYPTO.

[11] Chester Rebeiro et al. Differential Cache Trace Attack Against CLEFIA, 2010, IACR Cryptol. ePrint Arch.

[12] Colin Percival. Cache Missing for Fun and Profit, 2005.

[13] Vittorio Zaccaria et al. AES power attack based on induced cache miss and countermeasure, 2005, International Conference on Information Technology: Coding and Computing (ITCC'05) - Volume II.

[14] Jean-Jacques Quisquater et al. ElectroMagnetic Analysis (EMA): Measures and Counter-Measures for Smart Cards, 2001, E-smart.

[15] Jean-Pierre Seifert et al. Advances on Access-Driven Cache Attacks on AES, 2006, Selected Areas in Cryptography.

[16] Paul C. Kocher et al. Differential Power Analysis, 1999, CRYPTO.

[17] Chester Rebeiro et al. Cache Timing Attacks on Clefia, 2009, INDOCRYPT.

[18] Kyoji Shibutani et al. The 128-Bit Blockcipher CLEFIA (Extended Abstract), 2007, FSE.

[19] Tao Wang et al. Cache Timing Attacks on Camellia Block Cipher, 2009, IACR Cryptol. ePrint Arch.

[20] Richard J. Lipton et al. On the Importance of Checking Cryptographic Protocols for Faults (Extended Abstract), 1997, EUROCRYPT.

[21] Eran Tromer et al. Acoustic cryptanalysis: on nosy people and noisy machines, 2004.