Challenges in Implementing Cache-Based Side Channel Attacks on Modern Processors

To optimize performance, modern processors have features like nonblocking and pipelined caches along with support for data/instruction prefetching. However, some of these features inadvertently thwart carefully designed attacks on cryptographic algorithms. The attacks belong to the class of side channel attacks wherein subtle leakage of information through side channels such as power and timing can be exploited to compromise secret keys in sensitive applications. This paper further extends and modifies the existing work in the field of cache-based side channel attacks targeting the software implementation of Advanced Encryption Standard (AES) - the de facto standard for secret key cryptography. The attacks exploit the fact that each AES round makes extensive use of lookup tables in lieu of expensive field operations. It is assumed that the attacker and victim (the process running AES) share the same processor cache. This is of special relevance to the cloud environment where two applications may be hosted on different virtual machines on the same core or on different cores sharing the same cache. In addition to describing the challenges encountered, our experimental results demonstrate the feasibility of the modified attack on the Intel Dual Core, Core 2 Duo and AMD Athlon X2.