One Attack to Rule Them All: Collision Timing Attack versus 42 AES ASIC Cores
Amir Moradi, Oliver Mischke, Christof Paar
IEEE Transactions on Computers, to appear.
When complex functions, e.g., substitution boxes of block ciphers, are realized in hardware, timing attributes of the underlying combinational circuit depend on the input/output changes of the function. These characteristics can be exploited by the help of a relatively new scheme called fault sensitivity analysis. A collision timing attack which exploits the data-dependent timing characteristics of combinational circuits is demonstrated in this article. The attack is based on an also recently published correlation collision attack, which avoids the need for a hypothetical timing model for the underlying combinational circuit to recover the secret materials. The target platforms of our proposed attack are 14 AES ASIC cores of the SASEBO LSI chips in three different process technologies, 130nm, 90nm, and 65nm. Successfully breaking all cores including the DPA-protected and fault attack protected cores indicates the strength of the attack.[DOI] [pdf]