Title :
Software implementation level countermeasures against the cache timing attack on advanced encryption standard
Author :
Herath, Udyani ; Alawatugoda, Janaka ; Ragel, Roshan
Author_Institution :
Dept. of Stat. & Comput. Sci., Univ. of Peradeniya, Peradeniya, Sri Lanka
Abstract :
Advanced Encryption Standard (AES) is a symmetric key encryption algorithm that is extensively used in secure electronic data transmission. Although it was tested and declared secure when introduced, in 2005 a researcher named Bernstein claimed that it is vulnerable to side channel attacks. The cache-based timing attack is the type of side channel attack demonstrated by Bernstein, which uses the timing variation in cache hits and misses. This kind of attack can be prevented by masking the actual timing information from the attacker. Such masking can be performed by altering the original AES software implementation while preserving its semantics. This paper presents possible software implementation level countermeasures against Bernstein's cache timing attack. Two simple software-based countermeasures based on the concept of “constant-encryption-time” were demonstrated against the remote cache timing attack with positive outcomes, in which we establish a secured environment for the AES encryption.
Keywords :
cache storage; cryptography; AES software; advanced encryption standard; cache timing attack; constant encryption time; electronic data transmission security; side channel attack; software implementation level countermeasurement; symmetric key encryption algorithm; Clocks; Encryption; Information systems; Servers; Software; Timing; Advanced Encryption Standard; Cache Timing Attack; Constant time encryption; Side Channel Attack;
Conference_Title :
Industrial and Information Systems (ICIIS), 2013 8th IEEE International Conference on
Conference_Location :
Peradeniya
Print_ISBN :
978-1-4799-0908-7
DOI :
10.1109/ICIInfS.2013.6731958