| AES访问驱动Cache计时攻击 |
| |
| 引用本文: | 赵新杰,王韬,郭世泽,郑媛媛. AES访问驱动Cache计时攻击[J]. 软件学报, 2011, 22(3): 572-591. DOI: 10.3724/SP.J.1001.2011.03802 |
| |
| 作者姓名: | 赵新杰 王韬 郭世泽 郑媛媛 |
| |
| 作者单位: | 1. 军械工程学院计算机工程系,河北石家庄,050003
2. 北方电子设备研究所,北京,100083 |
| |
| 基金项目: | 国家自然科学基金(60772082); 河北省自然科学基金(08M010) |
| |
| 摘 要: | 首先给出了访问驱动Cache计时攻击的模型,提出了该模型下直接分析、排除分析两种通用的AES加密泄漏Cache信息分析方法;然后建立了AES加密Cache信息泄露模型,并在此基础上对排除分析攻击所需样本量进行了定量分析,给出了攻击中可能遇到问题的解决方案;最后结合OpenSSL v.0.9.8a,v.0.9.8j中两种...
|
| 关 键 词: | 高级加密标准 访问驱动 Cache计时攻击 远程攻击 OpenSSL |
| 收稿时间: | 2009-05-09 |
| 修稿时间: | 2009-12-02 |
Access Driven Cache Timing Attack Against AES |
| |
| ZHAO Xin-Jie,WANG Tao,GUO Shi-Ze and ZHENG Yuan-Yuan. Access Driven Cache Timing Attack Against AES[J]. Journal of Software, 2011, 22(3): 572-591. DOI: 10.3724/SP.J.1001.2011.03802 |
| |
| Authors: | ZHAO Xin-Jie WANG Tao GUO Shi-Ze ZHENG Yuan-Yuan |
| |
| Affiliation: | Department of Computer Engineering, Ordnance Engineering College, Shijiazhuang 050003, China;Department of Computer Engineering, Ordnance Engineering College, Shijiazhuang 050003, China;Institute of North Electronic Equipment, Beijing 100083, China;Department of Computer Engineering, Ordnance Engineering College, Shijiazhuang 050003, China |
| |
| Abstract: | Firstly, this paper displays an access driven Cache timing attack model, proposes non-elimination and elimination two general methods to analyze Cache information leakage during AES encryption, and builds the Cache information leakage model. Next, it uses quantitative analysis to attack a sample with the above elimination analysis method, and provides some solutions for the potential problems of a real attack. Finally, this paper describes 12 local and remote attacks on AES in OpenSSL v.0.9.8a, v.0.9.8j. Experiment results demonstrate that: the access driven Cache timing attack has strong applicability in both local and remote environments; the AES lookup table and Cache structure decide that AES is vulnerable to this type of attack, the least sample size required to recover a full AES key is about 13; the last round AES implementation in OpenSSL v.0.9.8j, which abandoned the T4 lookup table, cannot secure itself from the access driven Cache timing attack; the attack results strongly verify the correctness of the quantitative Cache information leakage theory and key analysis methods above. |
| |
| Keywords: | AES access driven Cache timing attack remote attack OpenSSL |
| 本文献已被 CNKI 万方数据 等数据库收录! |
| 点击此处可从《软件学报》浏览原始摘要信息 |
|
点击此处可从《软件学报》下载全文 |
|
