[Resource Topic] 2006/052: Software mitigations to hedge AES against cache-based software side channel vulnerabilities

Welcome to the resource topic for 2006/052

Title: Software mitigations to hedge AES against cache-based software side channel vulnerabilities

Authors: Ernie Brickell, Gary Graunke, Michael Neve, Jean-Pierre Seifert

Abstract:

Hardware side channel vulnerabilities have been studied for many years in the embedded silicon-security arena, including smart cards, set-top boxes, etc. However, because various recent security activities have goals of improving the software isolation properties of PC platforms, software side channels have become a subject of interest. Recent publications discussed cache-based software side channel vulnerabilities of AES and RSA. Thus, following the classical approach — a new side channel vulnerability opens a new mitigation research path — this paper starts to investigate efficient mitigations to protect AES software against side channel vulnerabilities. First, we will present several mitigation strategies to harden existing AES software against cache-based software side channel attacks and analyze their theoretical protection. Then, we will present a performance and security evaluation of our mitigation strategies. For ease of evaluation we measured the performance of our code against the performance of the OpenSSL AES implementation. In addition, we also analyzed our code under various existing attacks. Depending on the level of the required side channel protection, the measured performance loss of our mitigation strategies versus OpenSSL (respectively best assembler) varies between factors of 1.35 (2.66) and 2.85 (5.83).
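As an added illustration of the problem the abstract addresses (example code written for this resource topic, not code from the paper, from OpenSSL, or from any of the authors): a table-driven AES S-box lookup reads the cache line selected by its secret-dependent index, and that access pattern is what a cache-based software side channel observes. The hardened lookup below reads every entry of the table on every call and keeps the wanted byte with a branch-free mask, so the set of memory locations touched no longer depends on the input. The S-box is generated from its GF(2^8) definition rather than typed in; the 64-byte cache-line size and all function names (`aes_sbox`, `sbox_naive`, `naive_lookup_line`, `sbox_ct`, `sub_bytes_ct`, `sbox_ct_matches_table`) are this example's own assumptions.

```c
#include <stdint.h>
#include <stddef.h>

/* Added example for this resource topic; not the paper's or OpenSSL's code. */

#define ROTL8(x, s) ((uint8_t)(((x) << (s)) | ((x) >> (8 - (s)))))

/* Generate the AES S-box: multiplicative inverse in GF(2^8) followed by the
 * affine transformation (the standard construction, walking the field with
 * generator 3 so p * q == 1 holds on every iteration). */
static void init_aes_sbox(uint8_t sbox[256]) {
    uint8_t p = 1, q = 1;
    do {
        /* p *= 3 in GF(2^8) (reduction polynomial 0x11B) */
        p = (uint8_t)(p ^ (p << 1) ^ ((p & 0x80) ? 0x1B : 0));
        /* q /= 3 in GF(2^8), i.e. q *= 0xF6 */
        q ^= (uint8_t)(q << 1);
        q ^= (uint8_t)(q << 2);
        q ^= (uint8_t)(q << 4);
        q ^= (q & 0x80) ? 0x09 : 0;
        /* affine transformation of the inverse q */
        uint8_t xf = q ^ ROTL8(q, 1) ^ ROTL8(q, 2) ^ ROTL8(q, 3) ^ ROTL8(q, 4);
        sbox[p] = xf ^ 0x63;
    } while (p != 1);
    sbox[0] = 0x63; /* 0 has no inverse; only the affine constant remains */
}

/* Lazily built, process-wide S-box table (256 bytes). */
const uint8_t *aes_sbox(void) {
    static uint8_t table[256];
    static int ready = 0;
    if (!ready) { init_aes_sbox(table); ready = 1; }
    return table;
}

#define CACHE_LINE 64u /* assumption: 64-byte lines, so the S-box spans 4 lines */

/* Naive lookup as used by straightforward table-driven AES code. */
uint8_t sbox_naive(uint8_t x) {
    return aes_sbox()[x];
}

/* Which cache line the naive lookup touches. It is a function of the
 * (secret-dependent) index, which is exactly the signal a cache-based side
 * channel recovers; a defender can use this to reason about what leaks. */
unsigned naive_lookup_line(uint8_t x) {
    return x / CACHE_LINE;
}

/* Hardened lookup: read all 256 entries and keep the one whose index matches,
 * selecting with a mask computed without branches. Every cache line of the
 * table is touched on every call, whatever the value of x. */
uint8_t sbox_ct(uint8_t x) {
    const uint8_t *t = aes_sbox();
    uint8_t out = 0;
    for (unsigned i = 0; i < 256; i++) {
        uint8_t diff = (uint8_t)(i ^ x);
        /* diff == 0 -> (0 - 1) >> 24 == 0xFF; any other diff -> 0x00 */
        uint8_t mask = (uint8_t)((((uint32_t)diff) - 1u) >> 24);
        out |= t[i] & mask;
    }
    return out;
}

/* Apply SubBytes to a 16-byte AES state with the hardened lookup. */
void sub_bytes_ct(uint8_t state[16]) {
    for (size_t i = 0; i < 16; i++) state[i] = sbox_ct(state[i]);
}

/* Returns 1 if the hardened lookup agrees with the table for every input. */
int sbox_ct_matches_table(void) {
    for (unsigned x = 0; x < 256; x++)
        if (sbox_ct((uint8_t)x) != sbox_naive((uint8_t)x)) return 0;
    return 1;
}
```

The cost is visible in the loop: 256 table reads per byte instead of one, which is the kind of performance-versus-protection trade-off the abstract quantifies for the paper's own strategies. Two practical checks belong with any lookup like this: inspect the compiler's output, because an optimizer is free to turn the mask-and-accumulate loop back into an indexed load, and remember that the scan only hides which table entry was used, not whether the S-box was used at all, so surrounding code still needs its own review.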

ePrint: https://eprint.iacr.org/2006/052

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .