Cache-Collision Timing Attacks Against AES
0
0 votes
Overview
This paper describes several novel timing attacks against the common table-driven software implementation of the AES cipher. The authors define a general attack strategy using a simplified model of the cache to predict timing variation due to cache-collisions in the sequence of lookups performed by the encryption. The attacks presented should be applicable to most high-speed software AES implementations and computing platforms, the authors have implemented them against OpenSSL v. 0.9.8.(a) running on Pentium III, Pentium IV Xeon, and UltraSPARC III+ machines. While the task of defending AES against all timing attacks is challenging, a small patch can significantly reduce the vulnerability to these specific attacks with no performance penalty.
Related whitepapers
- Why You Need Email Encryption: Use Case Scenarios
- Live Webcast: Top Trends of 2007 Impacting VPN and Remote Access
- TechNet Webcast: Configuring Certificates for Office Live Communications Server 2005 SP1 Deployment (Level 300)
- Live Webcast: Lessons from Independent Research: Choosing an SSL VPN
- Automating PC Data Backup and Recovery - A Guided Tour
- Building a Secure Environment for Deploying Remote Application Services
- Webcast: Four Critical Things to Know about Two-Factor Authentication & Remote Access
- Product Specs: ProCurve Access Control Server 745wl
- WHSmith Sets Up Shop on the Net
- Microsoft Technology Center Helps WeightWatchers.com Ensure Success for New Site Launch
|
|
What's important from our sponsors
10 million IT Folks can't be wrong with their server choice.
HP ProLiant ML110 G5 from $999
Click here for the reliable server that cost as little as a PC.
DBOptimizer
Discover, Diagnose & Optimise poor performing SQL…Fast!
C++Builder 2009
RAD visual development meets C++ power – download it now!
Compare your IT salary
Sign-up for free download of IT salary benchmark report 2008.
Country Report: India
Technology for national gains
- ZDNet.com |
- ZDNet Japan |
- ZDNet.de |
- CNET UK |
- CNET.de |
- Tech Republic |
- BNET |
- MP3.com |
- activeTechPros |
- ZDNet UK |
- ZDNet Korea |
- ZDNet France |
- CNET Australia |
- CNET France |
- Download.com |
- Builder |
- GameSpot
- ZDNet Australia |
- ZDNet Taiwan |
- CNET |
- CNET Taiwan |
- News.com |
- Silicon.com |
- TV.com |
- GameSpot Korea
