Publication

Faster Software Cryptography

Dag Arne Osvik
2012
EPFL thesis
Abstract

This thesis presents work on the efficiency and security of cryptographic software. First it describes several efforts to construct very efficient implementations of cryptographic primitives. These include the Advanced Encryption Standard (AES) as well as several popular hash functions, spanning from the old MD5 to several candidates for the upcoming SHA-3 standard. Computer architectures considered range from low-end 8-bit microcontrollers to modern high-end graphics cards, and several key techniques for optimizing such implementations are presented. Results include compact implementations of SHA-1 and SHA-256 with reduced memory footprint and more than triple and double speed, respectively, compared with other fast implementations on the same architecture. Next it presents novel cryptanalytic attacks that can be performed on processor architectures with cache memories, like those used in modern personal computers. These belong to the category of side-channel attacks, exploiting unintended information leakage from an implementation to retrieve secret keys without having to find weaknesses in the cipher itself. The attacks even allow an unprivileged process to attack other processes running in parallel on the same processor, despite partitioning methods such as memory protection, sandboxing and virtualization. Practical results include full AES key recovery in 65ms using only write access to an encrypted partition. Finally the thesis investigates a technique for reducing the number of boolean operations required to express the AES round function, resulting in a significant improvement over previous efforts. This can be useful both for very compact AES implementations in hardware and for bitslice implementations of AES, in which software simulates many copies of the same compact hardware. Such software eliminates the table lookups exploited in cache attacks, and hence this kind of implementaton can be completely immune to them.

About this result
This page is automatically generated and may contain information that is not correct, complete, up-to-date, or relevant to your search query. The same applies to every other page on this website. Please make sure to verify the information with EPFL's official sources.

Graph Chatbot

Chat with Graph Search

Ask any question about EPFL courses, lectures, exercises, research, news, etc. or try the example questions below.

DISCLAIMER: The Graph Chatbot is not programmed to provide explicit or categorical answers to your questions. Rather, it transforms your questions into API requests that are distributed across the various IT services officially administered by EPFL. Its purpose is solely to collect and recommend relevant references to content that you can explore to help you answer your questions.