Run-Time Detection of Prime + Probe Side-Channel Attack on AES Encryption Algorithm

Maria Mushtaq; Ayaz Akram; Muhammad Khurram Bhatti; Rao Naveed Bin Rais; Vianney Lapotre; Guy Gogniat

doi:10.1109/GIIS.2018.8635767

Run-Time Detection of Prime + Probe Side-Channel Attack on AES Encryption Algorithm

Maria Mushtaq, Ayaz Akram, Muhammad Khurram Bhatti, Rao Naveed Bin Rais, Vianney Lapotre, Guy Gogniat

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

This paper presents a run-Time detection mechanism for access-driven cache-based Side-Channel Attacks (CSCAs) on Intel's x86 architecture. We demonstrate the detection capability and effectiveness of proposed mechanism on Prime+Probe attcks. The mechanism comprises of multiple machine learning models, which use real-Time data from the HPCs for detection. Experiments are performed with two different implementations of AES cryptosystem while under Prime+Probe attack. We provide results under stringent design constraints such as: realistic system load conditions, real-Time detection accuracy, speed, system-wide performance overhead and distribution of error (i.e., false positives and negatives) for the used machine learning models. Our results show detection accuracy of > 99% for Prime+Probe attack with performance overhead of 3-4% at the highest detection speed, i.e., within 1-2% completion of 4800 AES encryption rounds needed to complete a successful attack.

Original language	English
Title of host publication	2018 Global Information Infrastructure and Networking Symposium, GIIS 2018
Publisher	Institute of Electrical and Electronics Engineers Inc.
ISBN (Electronic)	9781538672723
DOIs	https://doi.org/10.1109/GIIS.2018.8635767
Publication status	Published - 2 Jul 2018
Externally published	Yes
Event	2018 Global Information Infrastructure and Networking Symposium, GIIS 2018 - Thessaloniki, Greece Duration: 23 Oct 2018 → 25 Oct 2018

Publication series

Name	2018 Global Information Infrastructure and Networking Symposium, GIIS 2018

Conference

Conference	2018 Global Information Infrastructure and Networking Symposium, GIIS 2018
Country/Territory	Greece
City	Thessaloniki
Period	23/10/18 → 25/10/18

Keywords

AES
Cryptography
Detection
HPCs
Machine Learning
Side-Channel Attacks
prime+Probe

Access to Document

10.1109/GIIS.2018.8635767

Cite this

Mushtaq, M., Akram, A., Bhatti, M. K., Rais, R. N. B., Lapotre, V., & Gogniat, G. (2018). Run-Time Detection of Prime + Probe Side-Channel Attack on AES Encryption Algorithm. In 2018 Global Information Infrastructure and Networking Symposium, GIIS 2018 Article 8635767 (2018 Global Information Infrastructure and Networking Symposium, GIIS 2018). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/GIIS.2018.8635767

@inproceedings{d4ec5ae580eb4cecbacc715377d659d1,

title = "Run-Time Detection of Prime + Probe Side-Channel Attack on AES Encryption Algorithm",

abstract = "This paper presents a run-Time detection mechanism for access-driven cache-based Side-Channel Attacks (CSCAs) on Intel's x86 architecture. We demonstrate the detection capability and effectiveness of proposed mechanism on Prime+Probe attcks. The mechanism comprises of multiple machine learning models, which use real-Time data from the HPCs for detection. Experiments are performed with two different implementations of AES cryptosystem while under Prime+Probe attack. We provide results under stringent design constraints such as: realistic system load conditions, real-Time detection accuracy, speed, system-wide performance overhead and distribution of error (i.e., false positives and negatives) for the used machine learning models. Our results show detection accuracy of > 99\% for Prime+Probe attack with performance overhead of 3-4\% at the highest detection speed, i.e., within 1-2\% completion of 4800 AES encryption rounds needed to complete a successful attack.",

keywords = "AES, Cryptography, Detection, HPCs, Machine Learning, Side-Channel Attacks, prime+Probe",

author = "Maria Mushtaq and Ayaz Akram and Bhatti, \{Muhammad Khurram\} and Rais, \{Rao Naveed Bin\} and Vianney Lapotre and Guy Gogniat",

note = "Publisher Copyright: {\textcopyright} 2018 IEEE.; 2018 Global Information Infrastructure and Networking Symposium, GIIS 2018 ; Conference date: 23-10-2018 Through 25-10-2018",

year = "2018",

month = jul,

day = "2",

doi = "10.1109/GIIS.2018.8635767",

language = "English",

series = "2018 Global Information Infrastructure and Networking Symposium, GIIS 2018",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

booktitle = "2018 Global Information Infrastructure and Networking Symposium, GIIS 2018",

}

Mushtaq, M, Akram, A, Bhatti, MK, Rais, RNB, Lapotre, V & Gogniat, G 2018, Run-Time Detection of Prime + Probe Side-Channel Attack on AES Encryption Algorithm. in 2018 Global Information Infrastructure and Networking Symposium, GIIS 2018., 8635767, 2018 Global Information Infrastructure and Networking Symposium, GIIS 2018, Institute of Electrical and Electronics Engineers Inc., 2018 Global Information Infrastructure and Networking Symposium, GIIS 2018, Thessaloniki, Greece, 23/10/18. https://doi.org/10.1109/GIIS.2018.8635767

Run-Time Detection of Prime + Probe Side-Channel Attack on AES Encryption Algorithm. / Mushtaq, Maria; Akram, Ayaz; Bhatti, Muhammad Khurram et al.
2018 Global Information Infrastructure and Networking Symposium, GIIS 2018. Institute of Electrical and Electronics Engineers Inc., 2018. 8635767 (2018 Global Information Infrastructure and Networking Symposium, GIIS 2018).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Run-Time Detection of Prime + Probe Side-Channel Attack on AES Encryption Algorithm

AU - Mushtaq, Maria

AU - Akram, Ayaz

AU - Bhatti, Muhammad Khurram

AU - Rais, Rao Naveed Bin

AU - Lapotre, Vianney

AU - Gogniat, Guy

PY - 2018/7/2

Y1 - 2018/7/2

N2 - This paper presents a run-Time detection mechanism for access-driven cache-based Side-Channel Attacks (CSCAs) on Intel's x86 architecture. We demonstrate the detection capability and effectiveness of proposed mechanism on Prime+Probe attcks. The mechanism comprises of multiple machine learning models, which use real-Time data from the HPCs for detection. Experiments are performed with two different implementations of AES cryptosystem while under Prime+Probe attack. We provide results under stringent design constraints such as: realistic system load conditions, real-Time detection accuracy, speed, system-wide performance overhead and distribution of error (i.e., false positives and negatives) for the used machine learning models. Our results show detection accuracy of > 99% for Prime+Probe attack with performance overhead of 3-4% at the highest detection speed, i.e., within 1-2% completion of 4800 AES encryption rounds needed to complete a successful attack.

AB - This paper presents a run-Time detection mechanism for access-driven cache-based Side-Channel Attacks (CSCAs) on Intel's x86 architecture. We demonstrate the detection capability and effectiveness of proposed mechanism on Prime+Probe attcks. The mechanism comprises of multiple machine learning models, which use real-Time data from the HPCs for detection. Experiments are performed with two different implementations of AES cryptosystem while under Prime+Probe attack. We provide results under stringent design constraints such as: realistic system load conditions, real-Time detection accuracy, speed, system-wide performance overhead and distribution of error (i.e., false positives and negatives) for the used machine learning models. Our results show detection accuracy of > 99% for Prime+Probe attack with performance overhead of 3-4% at the highest detection speed, i.e., within 1-2% completion of 4800 AES encryption rounds needed to complete a successful attack.

KW - AES

KW - Cryptography

KW - Detection

KW - HPCs

KW - Machine Learning

KW - Side-Channel Attacks

KW - prime+Probe

U2 - 10.1109/GIIS.2018.8635767

DO - 10.1109/GIIS.2018.8635767

M3 - Conference contribution

AN - SCOPUS:85062887684

T3 - 2018 Global Information Infrastructure and Networking Symposium, GIIS 2018

BT - 2018 Global Information Infrastructure and Networking Symposium, GIIS 2018

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 2018 Global Information Infrastructure and Networking Symposium, GIIS 2018

Y2 - 23 October 2018 through 25 October 2018

ER -

Mushtaq M, Akram A, Bhatti MK, Rais RNB, Lapotre V, Gogniat G. Run-Time Detection of Prime + Probe Side-Channel Attack on AES Encryption Algorithm. In 2018 Global Information Infrastructure and Networking Symposium, GIIS 2018. Institute of Electrical and Electronics Engineers Inc. 2018. 8635767. (2018 Global Information Infrastructure and Networking Symposium, GIIS 2018). doi: 10.1109/GIIS.2018.8635767

Run-Time Detection of Prime + Probe Side-Channel Attack on AES Encryption Algorithm

Abstract

Publication series

Conference

Keywords

Access to Document

Fingerprint

Cite this