Software implementation level countermeasures against the cache timing attack on advanced encryption standard
This addresses a security problem for users of AES in electronic data transmission, but it is incremental as it builds on known countermeasure concepts.
The paper tackles the vulnerability of AES to Bernstein's cache timing attack by proposing software-level countermeasures that mask timing information, resulting in a secured environment for AES encryption with positive outcomes.
Advanced Encryption Standard (AES) is a symmetric key encryption algorithm which is extensively used in secure electronic data transmission. When introduced, although it was tested and declared as secure, in 2005, a researcher named Bernstein claimed that it is vulnerable to side channel attacks. The cache-based timing attack is the type of side channel attack demonstrated by Bernstein, which uses the timing variation in cache hits and misses. This kind of attacks can be prevented by masking the actual timing information from the attacker. Such masking can be performed by altering the original AES software implementation while preserving its semantics. This paper presents possible software implementation level countermeasures against Bernstein's cache timing attack. Two simple software based countermeasures based on the concept of "constant-encryption-time" were demonstrated against the remote cache timing attack with positive outcomes, in which we establish a secured environment for the AES encryption.