Modeling Side-Channel Cache Attacks on AES

摘要

In recent years, side-channel attacks have gained increasing attention, mainly due to their ability to extract sensitive information from their victims in an effortless way. Also, with the development and spread of cloud computing, where victims and potential attackers share physical infrastructure, these attacks are becoming a serious concern. For performance reasons, several resources as CPU cache memories have to be shared, leaving a door opened for attackers. However, when cryptographic processes are properly characterized it is possible to detect attacks which abuse one shared resource as, for example, CPU cache. In this paper we present a timing characterization of a process implementing a cryptographic algorithm such as AES. Then we characterize the same encryption process when suffering a cache attack and when sharing the CPU with other different processes to evaluate how they affect it and get accurate models. The main idea of this work is getting an accurate timing model to distinguish when a process is or not being attacked regarding to timing measurements. Once we get the model, we provide a detection algorithm that detects over 96% of attacks with false positive rates around 5%. The false positive rate is reduced to 0% when discarding the initial transitory state related to the booting stage of a new process.