An approach for isolating the sources of information leakage exploited in cache-based side-channel attacks

Official URL: http://dx.doi.org/10.1109/SERE-C.2013.15

We demonstrate that a certain class of side-channel attacks is feasible due to unintentional cache contentions between code segments in cryptographic applications. These inadvertent contentions should be considered as a flaw in the implementation of cryptographic applications, which necessitates a software analysis framework to identify their primary cause and check the effectiveness of proposed countermeasures. We present an approach to detect code segments in cryptographic applications that are in cache contentions with each other, thus leaking information that can be exploited in side-channel attacks to extract secret keys. To evaluate this approach, we conducted a series of experiments by using the well-known Bernstein's attack. Our results demonstrate, for the first time, that the primary source of exploitable information leakage in the Bernstein's AES server, rendering the attack a success, is the unintentional cache contentions between the parts of the OS kernel that handle network communications and the AES encryption code.