The purpose of this timing data is to demonstrate the ability to produce timing leakage based on the behavior of the coalescing unit on a GPU. We collected this data from an Nvidia Kepler K40 GPU running an AES-128 encryption. The encryption implementation used was ported from the OpenSSL 0.9.7 library, and is written CUDA. We transformed an entire block encryption into a single GPU kernel, such that each thread in the GPU can process one block encryption independently. This timing data contains timing information and ciphertext from 32 parallel AES encryptions. Each encryption thread is using the same secret key, as shown below. 

There are 1 million timing samples in this data file, which is in binary format. Each trace is encoded as 512 (32x16) bytes of ciphertext and 8 bytes of timing information. You can use a simple C fread function to read each timing sample as follows

fread(ciphers, sizeof(uint8_t), 32 * 16, data_file_fp)
fread(timing, sizeof(uint64_t), 1, data_file_fp)

ciphers[0] to ciphers[15] holds one 16-byte ciphertext from one encryption thread. Timing information is collected from GPU by inserting clock() function at the start and end of the encryption kernel.

The secret key used is:
00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F

[1] Jiang, Zhen Hang, Yunsi Fei, and David Kaeli. "A complete key recovery timing attack on a GPU." High Performance Computer Architecture (HPCA), 2016 IEEE International Symposium on. IEEE, 2016.

If you have any question, please contact Yunsi Fei at

The dataset is available to the public for free. If you use them in your work, we request you to kindly acknowledge us by citing our website with the title of “Northeastern University TeSCASE dataset” and the URL of “”