A Practical Implementation of a New Flush+Reload Side Channel Attack on AES

Since multiple memory accesses are time consuming, processors use cache to optimize runtime. The cache leads to temporal changes in the implementation of a program and is one of the most important source of information leakage in the timing side channel. Flush+Reload attack is a series of Cache Side Channel attack that the most important characteristics of this attack can be used to identify access to a particular memory line and target being the lowest level cache (LLC) noted that these features lead to increased precision of attack and its usability. In this paper, a new Flush+Reload attack (of the chosen plaintext attack) on the AES implemented in the OpenSSL is presented. While the previous Flush+Reload attack on AES requires about 400000 encryption operations, the attack presented in this paper, required only about 100 encryption operations to fully recover encryption keys. The attack described in this paper is implemented in practice and the actual results confirm the attack’s integrity.