Abstract

This paper points out that both the micro-architecture of the processor and the cache initial state impact the amount of side-channel information which is provided by analyzing the cache behaviour during a symmetric encryption. Therefore, the vulnerability of a block cipher implementation based on lookup tables highly varies with the encryption context and with the targeted platform. Our results then clarify some simulations reported by Bernstein and show that they can be reproduced only in a very particular context. However, we point out that some AES key bits can be recovered even if all lookup tables lie in the cache before each encryption, i.e., if all cache misses are avoided.