%0 Journal Article
%T Access Driven Cache Timing Attack Against AES
%A ZHAO Xin-Jie
%A WANG Tao
%A GUO Shi-Ze
%A ZHENG Yuan-Yuan
%A 赵新杰
%A 王韬
%A 郭世泽
%A 郑媛媛
%J 软件学报 (Journal of Software)
%D 2011
%I
%X This paper first presents an access-driven Cache timing attack model, proposes two general methods, non-elimination and elimination, for analyzing Cache information leakage during AES encryption, and builds a Cache information leakage model. Next, it uses quantitative analysis to attack a sample with the elimination analysis method, and provides solutions for the potential problems of a real attack. Finally, the paper describes 12 local and remote attacks on AES in OpenSSL v.0.9.8a and v.0.9.8j. Experimental results demonstrate that: the access-driven Cache timing attack has strong applicability in both local and remote environments; the AES lookup tables and the Cache structure make AES vulnerable to this type of attack, and the minimum sample size required to recover a full AES key is about 13; the last-round AES implementation in OpenSSL v.0.9.8j, which abandoned the T4 lookup table, does not protect against the access-driven Cache timing attack; and the attack results strongly verify the correctness of the quantitative Cache information leakage theory and the key analysis methods above.
%K AES
%K access driven
%K Cache timing attack
%K remote attack
%K OpenSSL
%K Advanced Encryption Standard
%K Cache
%K timing attack
%U http://www.alljournals.cn/get_abstract_url.aspx?pcid=5B3AB970F71A803DEACDC0559115BFCF0A068CD97DD29835&cid=8240383F08CE46C8B05036380D75B607&jid=7735F413D429542E610B3D6AC0D5EC59&aid=AB9DCB2F0563B50AFF55D35310F39F40&yid=9377ED8094509821&vid=BC12EA701C895178&iid=38B194292C032A66&sid=6A9657F54F754BF6&eid=E543FC2C7CA75C74&journal_id=1000-9825&journal_name=软件学报&referenced_num=1&reference_num=26