Are AES x86 cache timing attacks still feasible?

Keaton Mowery, Sriram Keelveedhi, Hovav Shacham
Proceedings of the 2012 ACM Cloud Computing Security Workshop (CCSW '12), 2012
We argue that five recent software and hardware developments (the AES-NI instructions, multicore processors with per-core caches, complex modern software, sophisticated prefetchers, and physically tagged caches) combine to make it substantially more difficult to mount data-cache side-channel attacks on AES than previously realized. We propose ways in which some of the challenges posed by these developments might be overcome. We also consider scenarios where side-channel attacks are attractive, and whether our proposed workarounds might be applicable to these scenarios.

several recent changes to the x86. Some of these changes have already been mentioned in work on side-channel attacks; others are well known to architects but less so in the security community. Taken together, these changes make it much more difficult to mount side-channel attacks on AES. Our contribution in this paper is to describe the new challenges to AES cache attacks and to propose ways in which they might be overcome. We also consider scenarios where side-channel attacks are attractive, and whether our proposed workarounds might be applicable to these scenarios. The new challenges to AES side-channel attacks are:
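To make concrete what the abstract's "data-cache side-channel attacks on AES" are, and how two of the five developments (AES-NI and prefetchers) change them, the following is a constructed simulation added here; it is not code from the paper. It models the standard software AES layout in which round 1 reads T[i mod 4][pt[i] XOR k[i]] with 4-byte entries in 64-byte lines, so the cache line touched reveals the high nibble of pt[i] XOR k[i], and an idealised Prime+Probe observer that sees exactly which lines of each table were touched. The `prefetch` flag models an adjacent-line prefetcher that also pulls in the paired line (an assumption for this example), and `model="aes-ni"` models a cipher that touches no tables. The function names and the 200-sample count are choices made for this example.

```python
import math
import random

ENTRY_BYTES = 4                                # one 32-bit T-table entry
LINE_BYTES = 64                                # x86 L1 data-cache line
ENTRIES_PER_LINE = LINE_BYTES // ENTRY_BYTES   # 16: a line spans one high nibble
SHIFT = ENTRIES_PER_LINE.bit_length() - 1      # 4 index bits hidden inside a line


def first_round_lines(pt, key, model="t-table", prefetch=False):
    """Cache lines of T0..T3 touched during AES round 1 (constructed leak model).

    Software AES reads T[i % 4][pt[i] ^ key[i]] for state byte i, so the line
    index is the high nibble of pt[i] ^ key[i]. With model="aes-ni" the round
    runs inside the core and no table line is ever touched. prefetch=True
    models an adjacent-line prefetcher that also pulls in the paired line
    (line ^ 1); this pairing is an assumption made for the example.
    """
    touched = [set() for _ in range(4)]
    if model == "aes-ni":
        return touched
    for i in range(16):
        line = (pt[i] ^ key[i]) >> SHIFT
        touched[i % 4].add(line)
        if prefetch:
            touched[i % 4].add(line ^ 1)
    return touched


def recover_high_nibbles(samples):
    """Synchronous first-round attack: keep only the key-nibble candidates
    that explain every observed (plaintext, touched-lines) pair.

    Returns one candidate set per key byte. An observation with no touched
    lines (the AES-NI case) carries no information and eliminates nothing.
    """
    cands = [set(range(ENTRIES_PER_LINE)) for _ in range(16)]
    for pt, touched in samples:
        if not any(touched):
            continue
        for i in range(16):
            hi = pt[i] >> SHIFT
            cands[i] = {c for c in cands[i] if (hi ^ c) in touched[i % 4]}
    return cands


def run(model="t-table", prefetch=False, n=200, seed=1):
    """Encrypt n random plaintexts under a random key and run the attack."""
    rng = random.Random(seed)
    key = bytes(rng.randrange(256) for _ in range(16))
    samples = []
    for _ in range(n):
        pt = bytes(rng.randrange(256) for _ in range(16))
        samples.append((pt, first_round_lines(pt, key, model, prefetch)))
    return key, recover_high_nibbles(samples)


def bits_recovered(key, cands):
    """Key bits learned: 4 per byte minus log2 of the surviving candidates."""
    return sum(SHIFT - math.log2(len(c)) for c in cands if c)


if __name__ == "__main__":
    for label, kw in [("T-table", {}),
                      ("T-table + adjacent-line prefetch", {"prefetch": True}),
                      ("AES-NI", {"model": "aes-ni"})]:
        key, cands = run(**kw)
        ok = all(key[i] >> SHIFT in c for i, c in enumerate(cands))
        print(f"{label:34s} true nibble consistent: {ok}, "
              f"key bits recovered: {bits_recovered(key, cands):.0f}/64")
```

With plain T-tables the attacker recovers all 64 high-nibble bits from a few hundred observations; an adjacent-line prefetcher leaves the true nibble and its pair indistinguishable, so 3 of 4 bits per byte survive and the attack merely gets slower, while AES-NI removes the table accesses on which the whole model rests. The other developments in the abstract (per-core caches, physically tagged caches, complex software) attack a different assumption of this simulation: that the observer shares the victim's data cache and can attribute each evicted line to the AES tables.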
doi:10.1145/2381913.2381917 dblp:conf/ccs/MoweryKS12 fatcat:k7eopivxfbh3vad2r7ivnjctbm