https://eprint.iacr.org/2021/464 Cryptology ePrint Archive: Report 2021/464 iTimed: Cache Attacks on the Apple A10 Fusion SoC Gregor Haas and Seetal Potluri and Aydin Aysu Abstract: This paper proposes the first cache timing side-channel attack on one of Apple’s mobile devices. Utilizing a recent, permanent exploit named checkm8, we reverse-engineered Apple’s BootROM and created a powerful toolkit for running arbitrary hardware security experiments on Apple’s in-house designed ARM systems-on-a-chip (SoC). Using this toolkit, we then implement an access-driven cache timing attack (in the style of PRIME+PROBE) as a proof-of-concept illustrator. The advanced hardware control enabled by our toolkit allowed us to reverse-engineer key microarchitectural details of the Apple A10 Fusion’s memory hierarchy. We find that the SoC employs a randomized cache-line replacement policy as well as a hardware-based L1 prefetcher. We propose statistical innovations which specifically account for these hardware structures and thus further the state-of-the-art in cache timing attacks. We find that our access-driven attack, at best, can reduce the security of OpenSSL AES-128 by 50 more bits than a straightforward adaptation of PRIME+PROBE, while requiring only half as many side channel measurement traces. Category / Keywords: implementation / SCA, cache attacks, iPhone Original Publication (in the same form): IEEE HOST Date: received 9 Apr 2021, last revised 14 Aug 2021 Contact author: ghaas at ncsu edu Version: 20210814:150739