Research on AES Cache Attack Technology Based on ARM Processor
DOI: 10.12677/SEA.2018.71001
Author: Li Bo, Beihang University, Beijing
Keywords: Cache Attack; AES Attack; AES Cache
Abstract: Cache attacks are a powerful tool that can recover a user's private information, such as keyboard input and encryption keys, from the memory access patterns leaked by the cache. On the Intel x86 platform, cache attacks against the AES and DES encryption algorithms have already been implemented, but on the Android platform the cache structure, instruction set and cache replacement policy differ considerably from those of Intel x86, which makes such attacks more difficult. Targeting the AES encryption algorithm on the Android platform, this paper introduces hypothesis testing to reduce the impact of random error on the experimental results and ultimately recovers all AES key bytes. Finally, it explores an asynchronous attack mode against AES.
Cite this article: Li, B. Research on AES Cache Attack Technology Based on ARM Processor [J]. Software Engineering and Applications, 2018, 7(1): 1-12. https://doi.org/10.12677/SEA.2018.71001
