This paper describes several novel timing attacks against the common table-driven software implementation of the AES cipher. The authors define a general attack strategy using a simplified model of the cache to predict timing variation due to cache-collisions in the sequence of lookups performed by the encryption. The attacks presented should be applicable to most high-speed software AES implementations and computing platforms, the authors have implemented them against OpenSSL v. 0.9.8.(a) running on Pentium III, Pentium IV Xeon, and UltraSPARC III+ machines. While the task of defending AES against all timing attacks is challenging, a small patch can significantly reduce the vulnerability to these specific attacks with no performance penalty.
Did you find this white paper useful?
29 out of 50 users found this white paper useful
Related white papers
Balancing Security Against Productivity
What makes for great security? Is it about keeping the bad guys out or letting the good guys in? About defending attacks or preventing them? When IDG Research Services queried...
Secure Desktop On-Demand Webcast
The desktop or endpoint is one of the most vulnerable parts of your environment. Threats are everywhere. You have users who love to experiment with device settings (only to wonder...
Novell Zenworks Endpoint Security Management: Total Control from a Single Console
Still super gluing your USB ports shut? Unauthorized access to networks, lost or stolen laptops and other mobile hardware, and theft of proprietary information or intellectual property accounted for more...
Web application security: automated scanning versus manual penetration testing
Web sites are vulnerable to Web application attacks and a great percentage of these attacks occur over the HTTP/S protocols, ports that are often exposed to the entire online community....
Global Best Practices in Email Security, Privacy and Compliance
A new generation of email security solutions is needed to meet the challenges of growing message traffic, rapidly-evolving security threats and increasingly complex data protection and privacy regulations worldwide. Securing inbound...
Risk Management: Bridging Policies and Procedures - Fundamental Security Concepts
One thing that security professionals know is that security is about processes, not about the technology. The key to security is to match the technology to the process, but you...
Enterprise Information Classification: Ensuring Persistent Encryption
This webcast cover best practices around information classification as part of an overall Information Protection Strategy. It is essential to classify information according to its value and level of sensitivity...
