This paper describes possible attacks against software implementations of AES running on processors with cache mechanisms, particularly in the case of smart cards. These attacks are based on sidechannel information gained by observing cache hits and misses in the current drawn by the smart card. Two dierent attacks are described. The first is a combination of ideas proposed in [2] and [11] to produce an attack that only requires the manipulation of the plain text and the observation of the current. The second is an attack based on specific implementations of the xtime function [10]. These attacks are shown to also work against algorithms using Boolean data masking techniques as a DPA countermeasure.