[cryptography] AES side channel attack using a weakness in the Linux scheduler

Ian G iang at iang.org
Fri Nov 26 17:31:58 EST 2010


On 25/11/10 3:26 AM, Jack Lloyd wrote:

> What are people's thoughts on these kinds of local cache attacks, in
> terms of actual systems security? While obviously very powerful, I
> tend to think that once you have a focused attacker in an unprivileged
> account on your machine, you have bigger problems than losing your AES
> keys (maybe Midori or Coyotos or L4 will fix this someday).


Yes.

I would call this a medium security architecture, no more.  Anything
that allows an attacker that close to a machine can't be considered to
be hi-sec.  Another giveaway for med-sec is using a random selection of
letters for your security model...

So if you've decided that you're only doing a medium security system
then it's probably likely that you have not done a full analysis, and
can easily accept the esoteric risk of a cache attack.



iang

PS: Didn't one of the authors of Rijndael write a tongue-in-cheek paper
revealing a timing attack on AES?


