Robust Final-Round Cache-Trace Attacks Against AES

This paper describes an algorithm to attack AES using sidechannel information from the final round cache lookups performed by the encryption, specifically whether each access hits or misses in the cache, building off of previous work by Acıiçmez and Koç [AK06]. It is assumed that an attacker could gain such a trace through power consumption analysis or electromagnetic analysis. This information has already been shown to lead to an effective attack. This paper interprets cache trace data available as binary constraints on pairs of key bytes then reduces key search to a constraint-satisfaction problem. In this way, an attacker is guaranteed to perform as little search as is possible given a set of cache traces, leading to a natural tradeoff between online collection and offline processing. This paper also differs from previous work in assuming a partially pre-loaded cache, proving that cache trace attacks are still effective in this scenario with the number of samples required being inversely related to the percentage of cache which is pre-loaded.