DİNLE

PhD Dissertation Defense:Ali Can Atıcı06-12-2018

 

METHODS FOR FINDING THE SOURCES OF LEAKAGE IN

 

CACHE-TIMING ATTACKS AND REMOVING THE PROFILING

 

PHASE

 

 

 

 

 

Ali Can Atıcı
Computer Sciences and Engineering, PhD Dissertation, 2018

 

 

 

Thesis Jury

 

Prof. Dr. Erkay Savaş (Thesis Advisor), Prof. Dr. Albert Levi, Dr. Murat Kaya, Assoc. Prof. Cemal Yılmaz, Dr. Ahmet Onur Durahim, Dr. Cengiz Örencik

 

 

 

 

 

Date & Time: 27th, December 2018 – 09:00 AM

 

Place: FASS G048

Keywords: Side-Channel Analysis, Leakage Sources, Hardware Performance Counters,

 

Cache-Timing Attacks, Cache Modeling, Profiling Phase

 

 

 

Abstract

 

 

 

Cryptographic algorithms are widely used in daily life in order to ensure data confidentiality and privacy. These algorithms are extensively analyzed by scientists against a theoretical deficiency. However, these theoretically verified algorithms could still posses security risks if they are not cautiously implemented. Side-channel analysis can infer the secret key by using the information leakage due to implementation flaws. One of the most studied side-channel attack is the Bernstein’s cache-timing attack. This attack owes its reputation to its ability to succeed without any spy process. However, the exact leakage sources of the Bernstein’s attack remained uncertain to a large extent. Moreover, the need for an identical target system to perform its profiling phase makes the attack unrealistic for real world computing platforms. In this dissertation we address these two problems. Firstly, we propose a methodology to reveal the exact sources of the information leakage. The proposed methodology makes use of hardware performance counters to count the number of cache misses, which the code blocks in the program is subject to. Our methodology can help the developers to analyze their implementations and to fix their code in the early phases of the development. Secondly, we present an approach to extract simplified cache timing-behavior models analytically and propose to use these generated models instead of a profiling phase. We believe, the fact that the attack can be accomplished without a profiling phase will lead the attack to be considered a more realistic threat than the attack originally proposed by Bernstein.

 

 

 

Dinle