[cryptography] side channel analysis on phones

Rob Kendrick rjek at rjek.com
Fri Mar 8 08:11:14 EST 2013


On Fri, Mar 08, 2013 at 07:45:55AM -0500, Ethan Heilman wrote:
> It depends what sort of side channel attacks you are worried about and what
> sort of crypt algorithms you are using.
> 
> My knowledge area is cache based side channel attacks.
> 
> 1. ARM chips use trustzone which claims it prevents cache based side
> channel attacks when running in secure mode but probably amplifies them (I
> found this on a set of slides a crypto class a professor had put up on the
> web a few years back but have not verified it myself).

Some of the systems I have seen that use TrustZone flush the cache on
entry and exist from the monitor.  It's quite a performance hit.

> 2. ARM v8 has the AES instruction set which you should use, some mobile
> libraries may not use so check your library.

Many ARM SoCs have AES blocks already integrated.

> 3. Timers on ARM chips don't have the same resolution as timers on x86 so
> cache based attacks are very possible but harder.

The ARM has no timers as such; it's up to the SoC vendor to integrate
them.  And some of them are very high resolution.

B.



More information about the cryptography mailing list