Paper 2018/621

Cache-Attacks on the ARM TrustZone implementations of AES-256 and AES-256-GCM via GPU-based analysis

Ben Lapid and Avishai Wool

Abstract

The ARM TrustZone is a security extension which is used in recent Samsung flagship smartphones to create a Trusted Execution Environment (TEE) called a Secure World, which runs secure processes (Trustlets). The Samsung TEE includes cryptographic key storage and functions inside the Keymaster trustlet. The secret key used by the Keymaster trustlet is derived by a hardware device and is inaccessible to the Android OS. However, the ARM32 AES implementation used by the Keymaster is vulnerable to side-channel cache attacks. The Keymaster trustlet uses AES-256 in GCM mode, which makes mounting a cache attack against this target much harder. In this paper we show that it is possible to perform a successful cache attack against this AES implementation, in AES-256/GCM mode, using widely available hardware. Using a laptop's GPU to parallelize the analysis, we are able to extract a raw AES-256 key with 7 minutes of measurements and under a minute of analysis time, and an AES-256/GCM key with 40 minutes of measurements and 30 minutes of analysis.

Metadata

Available format(s): PDF
Category: Secret-key cryptography
Publication info: Preprint. MINOR revision.
Keywords: side-channel, cache attacks
Contact author(s): yash @ eng tau ac il
History: 2018-06-22: received
Short URL: https://ia.cr/2018/621
License: Creative Commons Attribution (CC BY)

BibTeX

@misc{cryptoeprint:2018/621,
      author = {Ben Lapid and Avishai Wool},
      title = {Cache-Attacks on the {ARM} {TrustZone} implementations of {AES}-256 and {AES}-256-{GCM} via {GPU}-based analysis},
      howpublished = {Cryptology {ePrint} Archive, Paper 2018/621},
      year = {2018},
      url = {https://eprint.iacr.org/2018/621}
}