[cryptography] AES side channel attack using a weakness in the Linux scheduler

coderman coderman at gmail.com
Wed Nov 24 15:20:23 EST 2010


On Wed, Nov 24, 2010 at 8:26 AM, Jack Lloyd <lloyd at randombit.net> wrote:
>
> An interesting new eprint on attacking AES using cache timings....
> "Cache Games - Bringing Access Based Cache Attacks on AES to Practice"
> Endre Bangerter and David Gullasch and Stephan Krenn
> http://eprint.iacr.org/2010/594
>
> What are people's thoughts on these kinds of local cache attacks, in
> terms of actual systems security?

good reasons to use a hardware AES implementation like AES-NI or XCRYPT.

as for risks, as you mention, lots of ways to get unprivileged access
to a host, and any such process could potentially side channel your
keys...


