Abstract

Implementing cryptographic algorithms is a difficult problem since additional secret information can be recovered from some physical characteristics of a cryptographic device. Among all side-channel attacks, collision attacks and cache attacks are the most recent ones. The first technique uses side-channel information to detect internal collisions related to the algorithm. The second one exploits timing or power consumptions related to the memory accesses. This paper presents a new attack on the first round of AES based on power analysis, which combines both collision attacks and cache attacks. It provides many linear relations between the secret key bits from the encryption of a few chosen plaintexts. For instance, for a classical implementation using 4 lookup tables on a processor with 64-byte cache blocks, 48 linear relations involving half of the key bits are derived. Some countermeasures which defeat such attacks are also presented. C. Wolf, S. Lucks, P.-W. Yau (Eds.): WEWoRC 2005, LNI P-74, pp. 76–85, 2005. c Gesellschaft fur Informatik e.V.