  • DocumentCode
    65043
  • Title
    Micro-Architectural Analysis of Time-Driven Cache Attacks: Quest for the Ideal Implementation
  • Author
    Rebeiro, Chester ; Mukhopadhyay, Debdeep
  • Author_Institution
    Comput. Sci. Dept., Columbia Univ., New York, NY, USA
  • Volume
    64
  • Issue
    3
  • fYear
    2015
  • fDate
    Mar-15
  • Firstpage
    778
  • Lastpage
    790
  • Abstract
    Time-driven attacks on the data cache are a lethal form of cryptanalytic attacks for block-ciphers implemented with look-up tables. The difference of means (DOM) observed in the execution time of a block cipher is often used as a distinguisher to glean information about the secret key. The root cause for the distinguisher to work has long been attributed to the number of cache-misses that occur during the encryption. In this paper, we show that micro-architectural acceleration features in cache memories that are used to reduce miss-penalty (such as pipelining, parallelism, out-of-order, and non-blocking memory accesses) contribute significantly to the leakage. We develop a framework to analyze the DOM distinguisher considering architectural as well as micro-architectural acceleration components in the cache memory. Our findings, which are experimentally verified, show that the two contributing leakage factors (namely the number of cache misses and the micro-architectural acceleration features) affect the DOM in opposite directions. One leakage source results in a positive DOM while the other causes a negative DOM. This opposing characteristic of the leakages makes it feasible to implement block ciphers in a way such that the two leakages cancel each other, thus leading to implementations with higher resistance against time-driven cache-attacks.
  • Keywords
    cache storage; private key cryptography; table lookup; DOM; DOM distinguisher; block cipher; cache memory; cryptanalytic attacks; data cache; difference-of-mean; encryption; leakage factors; leakage source; look-up tables; microarchitectural acceleration components; microarchitectural analysis; secret key; time-driven cache attack; Acceleration; Cache memory; Ciphers; Encryption; Mathematical model; Table lookup; Timing; Cache timing attacks; difference of means; formal analysis; microarchitecture of cache memories;
  • fLanguage
    English
  • Journal_Title
    Computers, IEEE Transactions on
  • Publisher
    ieee
  • ISSN
    0018-9340
  • Type
    jour
  • DOI
    10.1109/TC.2013.212
  • Filename
    6646166