ARM NEON™ General SIMD Engine Has AES Key Leakage Risk

↑ Click the “Thales Terminal Laboratory” above to follow us

Recently, security engineers from Thales Terminal Laboratory analyzed the AES encryption implementation using ARM NEON™ technology, and the results showed that this technology does not effectively resist side-channel attacks, resulting in a risk of AES key leakage.

The ARM Cortex™-A series processors are currently the most widely used processors in smartphones, mobile computing devices, and HDTV products, with almost all smartphones on the market using this processor. NEON™ technology is a 128-bit SIMD (Single Instruction, Multiple Data) architecture extension of the ARM Cortex™-A series processors, designed to provide flexible and powerful acceleration capabilities, significantly improving user experience. Hardware developers can utilize SIMD instructions to accelerate common encryption algorithms like AES, greatly increasing the computational speed of AES encryption. Currently, widely used cryptographic algorithm libraries such as OpenSSL and LibtomCrypt provide methods for calculating AES encryption using SIMD instructions, which are widely applied in the design of secure systems such as Trusted Execution Environments (TEEs).

ARM NEON™ General SIMD Engine Has AES Key Leakage Risk

Figure 1—ARM NEON™ Technology

This time, the laboratory’s security engineers used a Cortex™-A architecture processor chip with a clock frequency of 1.2GHz to conduct security tests on the AES algorithm implemented with NEON™ technology in the general cryptographic algorithm library LibtomCrypt, analyzing the electromagnetic radiation waveforms collected from the chip.

ARM NEON™ General SIMD Engine Has AES Key Leakage Risk

Figure 2—Electromagnetic Radiation Collection

ARM NEON™ General SIMD Engine Has AES Key Leakage Risk

Figure 3—Frequency Domain Waveform of Electromagnetic Radiation Collection

ARM NEON™ General SIMD Engine Has AES Key Leakage Risk

Figure 4—Time Domain Waveform of Electromagnetic Radiation Collection

Analysis shows that the AES algorithm implemented with NEON™ technology in LibtomCrypt does not effectively resist side-channel attacks. There is a significant leakage of intermediate results related to the AES key, which allows attackers to recover the entire AES encryption key using this leakage.

ARM NEON™ General SIMD Engine Has AES Key Leakage Risk

Figure 5—Leakage of AES Key Related Information

As early as 2015, some organizations had published in international journals that this technology might have leakage risks. Now, the laboratory’s engineers have confirmed through experiments that this risk indeed exists, reflecting the strong security processing capabilities of the engineers at the core architecture’s hardware level.

Regarding the confirmed leakage risk, the laboratory has promptly reported it to the relevant organizations and recommends that institutions using ARM architecture take preventive measures against this risk when designing high-security applications like Trusted Execution Environments, by using protected AES encryption code. When conditions allow, it is advisable to use hardware units resistant to side-channel attacks for AES encryption operations (such as Secure Elements (SE) or Embedded Secure Elements (InSE)).

Leave a Comment