http://dx.doi.org/10.13089/JKIISC.2020.30.6.1207

Flush+Reload Cache Side-Channel Attack on Block Cipher ARIA

Bae, Daehyeon (Hoseo University)
Hwang, Jongbae (Hoseo University)
Ha, Jaecheol (Hoseo University)
Abstract
Since server systems in cloud environments can run multiple OSs simultaneously and commonly share memory between users, an adversary can recover secret information using cache side-channel attacks. In this paper, the Flush+Reload attack, a kind of cache side-channel attack, is applied to the optimized precomputation-table implementation of the Korean block cipher standard ARIA. As an experimental result of attacking ARIA-128 implemented in an Ubuntu environment, we show that the adversary can extract the 16-byte last round key through the Flush+Reload attack. Furthermore, the master key of ARIA can be revealed from the last and first round keys used in an encryption process.
Keywords
Microarchitectural attack; Cache side-channel attack; Flush+Reload Attack; ARIA;