增强了AES的Flush+Reload攻击

ISC Int. J. Inf. Secur. Pub Date : 2020-07-01 DOI:10.22042/ISECURE.2020.219248.519

Milad Seddigh, H. Soleimany

{"title":"增强了AES的Flush+Reload攻击","authors":"Milad Seddigh, H. Soleimany","doi":"10.22042/ISECURE.2020.219248.519","DOIUrl":null,"url":null,"abstract":"In cloud computing, multiple users can share the same physical machine that can potentially leak secret information, in particular when the memory de-duplication is enabled. Flush+Reload attack is a cache-based attack that makes use of resource sharing. T-table implementation of AES is commonly used in the crypto libraries like OpenSSL. Several Flush+Reload attacks on T-table implementation of AES have been proposed in the literature which requires a notable number of encryptions. In this paper, we present a technique to enhance the Flush+Reload attack on AES in the ciphertext-only scenario by significantly reducing the number of needed encryptions in both native and cross-VM setups. In this paper, we focus on finding the wrong key candidates and keep the right key by considering only the cache miss event. Our attack is faster than previous Flush+Reload attacks. In particular, our method can speed-up the Flush+Reload attack in cross-VM environment significantly. To verify the theoretical model, we implemented the proposed attack.","PeriodicalId":436674,"journal":{"name":"ISC Int. J. Inf. Secur.","volume":"24 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":"{\"title\":\"Enhanced Flush+Reload Attack on AES\",\"authors\":\"Milad Seddigh, H. Soleimany\",\"doi\":\"10.22042/ISECURE.2020.219248.519\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In cloud computing, multiple users can share the same physical machine that can potentially leak secret information, in particular when the memory de-duplication is enabled. Flush+Reload attack is a cache-based attack that makes use of resource sharing. T-table implementation of AES is commonly used in the crypto libraries like OpenSSL. Several Flush+Reload attacks on T-table implementation of AES have been proposed in the literature which requires a notable number of encryptions. In this paper, we present a technique to enhance the Flush+Reload attack on AES in the ciphertext-only scenario by significantly reducing the number of needed encryptions in both native and cross-VM setups. In this paper, we focus on finding the wrong key candidates and keep the right key by considering only the cache miss event. Our attack is faster than previous Flush+Reload attacks. In particular, our method can speed-up the Flush+Reload attack in cross-VM environment significantly. To verify the theoretical model, we implemented the proposed attack.\",\"PeriodicalId\":436674,\"journal\":{\"name\":\"ISC Int. J. Inf. Secur.\",\"volume\":\"24 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2020-07-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"3\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"ISC Int. J. Inf. Secur.\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.22042/ISECURE.2020.219248.519\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"ISC Int. J. Inf. Secur.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.22042/ISECURE.2020.219248.519","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 3

摘要

在云计算中，多个用户可以共享可能泄露机密信息的同一台物理机器，特别是在启用内存重复数据删除功能时。Flush+Reload攻击是一种利用资源共享的基于缓存的攻击。AES的t表实现通常用于像OpenSSL这样的加密库。文献中已经提出了几种针对AES的t表实现的Flush+Reload攻击，这些攻击需要大量的加密。在本文中，我们提出了一种技术，通过显着减少本机和跨虚拟机设置中所需的加密数量，来增强仅密文场景中对AES的Flush+Reload攻击。在本文中，我们主要通过只考虑缓存丢失事件来寻找错误的候选键并保留正确的键。我们的攻击比以前的同花齐放攻击更快。特别是，我们的方法可以显著加快跨虚拟机环境下的Flush+Reload攻击。为了验证理论模型，我们实现了所提出的攻击。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

Enhanced Flush+Reload Attack on AES

In cloud computing, multiple users can share the same physical machine that can potentially leak secret information, in particular when the memory de-duplication is enabled. Flush+Reload attack is a cache-based attack that makes use of resource sharing. T-table implementation of AES is commonly used in the crypto libraries like OpenSSL. Several Flush+Reload attacks on T-table implementation of AES have been proposed in the literature which requires a notable number of encryptions. In this paper, we present a technique to enhance the Flush+Reload attack on AES in the ciphertext-only scenario by significantly reducing the number of needed encryptions in both native and cross-VM setups. In this paper, we focus on finding the wrong key candidates and keep the right key by considering only the cache miss event. Our attack is faster than previous Flush+Reload attacks. In particular, our method can speed-up the Flush+Reload attack in cross-VM environment significantly. To verify the theoretical model, we implemented the proposed attack.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

ISC Int. J. Inf. Secur.

自引率

0.00%

发文量