Theoretical Use of Cache Memory as a Cryptanalytic Side-Channel

D. Page, Theoretical Use of Cache Memory as a Cryptanalytic Side-Channel. CSTR-02-003, Department of Computer Science, University of Bristol. June 2002. PDF, 183 Kbytes.

We expand on the idea, proposed by Kelsey et al., of cache memory being used as a side-channel which leaks information during the run of a cryptographic algorithm. By using this side-channel, an attacker may be able to reveal or narrow the possible values of secret information held on the target device. We describe an attack which encrypts 2^10 chosen plaintexts on the target processor in order to collect cache profiles and then performs around 2^32 computational steps to recover the key. As well as describing and simulating the theoretical attack, we discuss how hardware and algorithmic alterations can be used to defend against such techniques.