Title: CACHE-BASED SIDE CHANNEL ATTACKS IMPLEMENTATIONS AND EXTENSIONS
Abstract
In recent years, the Intel x86 architecture has been exposed to multiple cache-based side-channel attacks (CSCAs). These CSCAs not only allow adversaries to leak private keys of otherwise mathematically strong cryptosystems such as RSA, AES, and elliptic curves, but also allow adversaries to read unauthorized kernel memory and the complete physical memory of machines (Spectre and Meltdown). In this thesis, I have experimented with multiple CSCAs, including Prime+Probe, Flush+Reload, and Flush+Flush on both the AES and RSA cryptosystems, as well as Spectre and Meltdown. I have implemented these available attacks on my lab machines and developed tools for timing measurements and plots. Based on these experiments, I have extended the state-of-the-art CSCA on AES and proposed two new variants of CSCAs on AES. One variant uses Flush+Flush as the CSCA and is stealthier than the existing state of the art (Flush+Reload) on AES, while the second variant uses Prime+Probe and does not require flushing of caches, and thus has no dependency on special instructions such as 'clflush' of the x86 architecture.
This thesis is part of a larger project, in which other team members are working on detection and mitigation of these CSCAs. A joint publication, 'Sherlock Holmes of Cache Side-Channel Attacks in Intel's x86 Architecture', was published in IEEE CNS 2019 and involves detection work on these attacks.