cs.CR, Mar 28, 2014

Countermeasures against Bernstein's remote cache timing attack

arXiv:1403.7297v1, 11 citations

The paper addresses the vulnerability of AES software implementations to remote cache timing attacks by designing and testing countermeasures that hide cache-timing patterns without significantly slowing down encryption.

A cache timing attack is a type of side-channel attack in which timing information leaked by the cache behaviour of a cryptosystem is used by an attacker to break the system. The Advanced Encryption Standard (AES) was considered secure until 2005, when Daniel Bernstein showed that a software implementation of AES is vulnerable to a cache timing attack: Bernstein demonstrated a remote cache timing attack against a table-based software implementation of AES. The original AES implementation can be methodically altered to prevent the attack by hiding the natural cache-timing pattern during encryption while preserving its semantics. These alterations, while preventing the attack, should not make the implementation very slow. In this paper, we report the outcomes of our experiments on designing and implementing a number of possible countermeasures.
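The abstract describes the general shape of a countermeasure (keep the encryption's semantics, hide which table entries each lookup touches) without spelling one out. The following is an added illustration, not code from the paper or from Bernstein's target implementation: it builds the AES S-box from its FIPS 197 definition, shows the plain lookup whose address depends on a key-derived byte, and beside it one classic countermeasure in which every table entry is read on every lookup and the wanted byte is selected with an arithmetic mask. The function names (`sbox_lookup_leaky`, `sbox_lookup_ct`, `lookups_agree`, `aes_sbox_at`) are this example's own. The same full-scan-and-mask idea applies to the larger T-tables that Bernstein's attack targets, at a proportionally larger cost.

```c
#include <stdint.h>
#include <stdio.h>

/* Rotate a byte left by n bits (1 <= n <= 7). */
static uint8_t rotl8(uint8_t x, unsigned n) {
    return (uint8_t)((x << n) | (x >> (8 - n)));
}

/* Multiplication in GF(2^8) modulo the AES polynomial x^8 + x^4 + x^3 + x + 1. */
static uint8_t gf_mul(uint8_t a, uint8_t b) {
    uint8_t r = 0;
    while (b) {
        if (b & 1) r ^= a;
        a = (uint8_t)((a << 1) ^ ((a & 0x80) ? 0x1b : 0));
        b >>= 1;
    }
    return r;
}

/* Multiplicative inverse by exhaustive search; 0 maps to 0 by convention.
   Only used at table-build time, so its timing does not matter. */
static uint8_t gf_inv(uint8_t a) {
    for (unsigned b = 1; b < 256 && a != 0; b++)
        if (gf_mul(a, (uint8_t)b) == 1) return (uint8_t)b;
    return 0;
}

/* Build the AES S-box: the FIPS 197 affine transform of the field inverse. */
void build_aes_sbox(uint8_t sbox[256]) {
    for (unsigned i = 0; i < 256; i++) {
        uint8_t q = gf_inv((uint8_t)i);
        sbox[i] = (uint8_t)(q ^ rotl8(q, 1) ^ rotl8(q, 2) ^ rotl8(q, 3) ^ rotl8(q, 4) ^ 0x63);
    }
}

/* Plain lookup: touches only the cache line holding sbox[x]. In AES, x is
   plaintext XOR key, so which line was touched leaks information about the key. */
uint8_t sbox_lookup_leaky(const uint8_t sbox[256], uint8_t x) {
    return sbox[x];
}

/* Countermeasure: read every entry on every lookup and select the wanted one
   with a mask, so the sequence of memory accesses does not depend on x.
   Semantics are unchanged; the price is 256 loads instead of one. */
uint8_t sbox_lookup_ct(const uint8_t sbox[256], uint8_t x) {
    uint8_t out = 0;
    for (unsigned i = 0; i < 256; i++) {
        uint32_t diff = (uint32_t)(i ^ x);
        /* diff == 0 gives 0xff, any other value gives 0, with no data-dependent branch. */
        uint8_t mask = (uint8_t)((diff - 1u) >> 24);
        out |= (uint8_t)(sbox[i] & mask);
    }
    return out;
}

/* Convenience for checks: S-box value at x via the hardened lookup. */
uint8_t aes_sbox_at(uint8_t x) {
    uint8_t sbox[256];
    build_aes_sbox(sbox);
    return sbox_lookup_ct(sbox, x);
}

/* Returns 1 if the hardened lookup agrees with the plain one for every input byte. */
int lookups_agree(void) {
    uint8_t sbox[256];
    build_aes_sbox(sbox);
    for (unsigned x = 0; x < 256; x++)
        if (sbox_lookup_ct(sbox, (uint8_t)x) != sbox_lookup_leaky(sbox, (uint8_t)x))
            return 0;
    return 1;
}

int main(void) {
    printf("S-box[0x00]=%02x S-box[0x53]=%02x hardened==plain:%d\n",
           aes_sbox_at(0x00), aes_sbox_at(0x53), lookups_agree());
    return 0;
}
```

Two caveats a practitioner should keep in mind. First, the source-level masking only helps if the compiler emits it as written; an optimiser is free to turn the mask back into a conditional load, so the generated assembly must be inspected. Second, this full-scan approach is the simplest way to remove the address leak, not the fastest; the paper's point is precisely that the altered implementation must stay acceptably fast, and production code typically reaches that through bitsliced implementations or hardware AES instructions rather than through a 256-way scan per byte.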
