Enhanced Flush+Reload Attack on AES
Authors
Article abstract:
In cloud computing, multiple users can share the same physical machine, which can potentially leak secret information, in particular when memory de-duplication is enabled. The Flush+Reload attack is a cache-based attack that makes use of this resource sharing. The T-table implementation of AES is commonly used in crypto libraries such as OpenSSL. Several Flush+Reload attacks on the T-table implementation of AES have been proposed in the literature, and they require a notable number of encryptions. In this paper, we present a technique to enhance the Flush+Reload attack on AES in the ciphertext-only scenario by significantly reducing the number of needed encryptions in both native and cross-VM setups. We focus on identifying the wrong key candidates and keeping the right key by considering only the cache miss event. Our attack is faster than previous Flush+Reload attacks; in particular, our method can speed up the Flush+Reload attack in a cross-VM environment significantly. To verify the theoretical model, we implemented the proposed attack.
Similar sources
A Fault Based Attack on MDS-AES
In this paper a fault-based attack on MDS-AES has been proposed. It has been shown that by inducing a random byte fault at the input of the ninth round of the MDS-AES algorithm, the key can be retrieved. Simulation shows that two faulty ciphertext pairs are required to deduce the key without any brute-force search. If one faulty encryption is considered then the actual key can be ascertained with a ...
AES Flow Interception: Key Snooping Method on Virtual Machine - Exception Handling Attack for AES-NI -
In this paper, we propose a method for snooping AES encryption key on Virtual Machine Monitor (VMM), and we present countermeasures against this attack. Recently, virtualization technology has rapidly emerged as a key technology for cloud computing. In general, the virtualization technology composes two software parts: one is virtual machine (VM) management software called Virtual Machine Monit...
Distinguisher and Related-Key Attack on the Full AES-256
In this paper we construct a chosen-key distinguisher and a related-key attack on the full 256-bit key AES. We define a notion of differential q-multicollision and show that for AES-256 q-multicollisions can be constructed in time q · 2 and with negligible memory, while we prove that the same task for an ideal cipher of the same block size would require at least O(q · 2 q−1 q+1 ) time. Using si...
Differential Power Analysis Attack on FPGA Implementation of AES
Cryptographic devices have found their way into a wide range of application and the topic of their security has reached great research importance. It has been proved that encryption device leaks information, which can be exploited by various attacks such as power analysis, timing analysis and electro-magnetic radiation. Differential power analysis is a powerful and efficient cryptanalytic techn...
A Cache Timing Attack on AES in Virtualization Environments
We show in this paper that the isolation characteristic of system virtualization can be bypassed by the use of a cache timing attack. Using Bernstein's correlation in this attack, an adversary is able to extract sensitive keying material from an isolated trusted execution domain. We demonstrate this cache timing attack on an embedded ARM-based platform running an L4 microkernel as virtualization...
Feasible Attack on the 13-round AES-256
In this note we present the first attack with feasible complexity on the 13-round AES-256. The attack runs in the related-subkey scenario with four related keys, in 2 time, data, and memory.
Journal title
Volume 12, Issue 2
Pages 69-77
Publication date: 2020-07-01
Hosted by the doprax.com cloud platform
copyright © 2015-2023