Reflective side-channel cryptanalysis

Eran Tromer, Weizmann Institute of Science

Side-channel cryptanalysis exploits physical information leakage from cryptographic devices to undermine their security. Most side-channel attacks require special measurement equipment and are thus limited in applicability.

This talk will present two side channels that can be exploited in many settings without special equipment. First, CPU cache contention leaks information on memory access patterns in several ways. Second, acoustic emanations from electronic circuit components can be information-bearing and are often detectable by a plain microphone. Applications of these side channels to RSA and AES will be shown.

In some common cases these attacks can be carried out by software within the target computer, allowing an unprivileged process to glean secret information from privileged ones without any explicit interaction. This raises new challenges for multiuser, partitioned and sandboxed environments.

Joint work with Dag Arne Osvik and Adi Shamir.

Gates 4B (opposite 490) Friday 07/15/05 1630 hrs