ISSN 1000-1239 CN 11-1777/TP

计算机研究与发展 ›› 2020, Vol. 57 ›› Issue (4): 824-835.doi: 10.7544/issn1000-1239.2020.20190581

• 信息安全 • 上一篇    下一篇



  1. 1(数学工程与先进计算国家重点实验室(战略支援部队信息工程大学) 郑州 450001);2(浙江大学计算机科学与技术学院 杭州 310027) (
  • 出版日期: 2020-04-01
  • 基金资助: 

Survey of Access-Driven Cache-Based Side Channel Attack

Miao Xinliang1, Jiang Liehui1, Chang Rui2   

  1. 1(State Key Laboratory of Mathematical Engineering and Advanced Computing(Strategic Support Force Information Engineering University), Zhengzhou 450001);2(College of Computer Science and Technology, Zhejiang University, Hangzhou 310027)
  • Online: 2020-04-01
  • Supported by: 
    This work was supported by the National Natural Science Foundation of China (61802431).

摘要: 近年来,海量异构的物联网终端设备承载着核心功能,更易成为攻击者的直接目标.Cache侧信道攻击越来越多地出现在终端设备和云平台中,该攻击通过构建细粒度、高隐蔽性的Cache侧信道从目标设备中提取加密密钥等敏感数据,打破设备的隔离保护机制.在综述中,针对访问驱动下的Cache侧信道攻击技术展开研究,介绍了Cache侧信道攻击技术的基本原理和研究现状,通过理论分析和实例验证的方式重点研究了“清除+重载”攻击、“填充+探测”攻击、“刷新+重载”攻击的攻击原理、攻击过程和攻击效果.以攻击特点、攻击范围和对应的防御方案为切入点,对上述3种攻击进行对比分析,指出不同攻击的优缺点和适用场景;进一步探讨攻击过程中存在的问题,提出了攻击最后一级缓存(last-level cache, LLC)和噪声处理方面面临的挑战.最后结合万物互联时代下,从Cache层次结构的逐步转变、云平台的海量数据存储、以及终端设备上可信应用环境的广泛部署等现状,讨论了未来可能的研究方向.

关键词: 访问驱动, Cache侧信道攻击, 物联网设备, 云平台, 最后一级缓存

Abstract: In recent years, massive heterogeneous IoT (Internet of things) terminal devices carry the core functions, and they are easier to be the direct targets of attackers. Besides, more terminal devices and cloud platforms are suffering from cache-based side channel attacks. These attacks construct the fine-grained and the concealed cache side channel to extract sensitive data (such as encryption keys) from the target devices, which defeats the isolation mechanism. In this paper, we focus on access-driven cache-based side channel attack technology. Firstly, the fundamental principle and the current research status of cache-based side channel attack are present. Then, "Evict+Reload" attack, "Prime+Probe" attack and "Flush+Reload" attack, which belong to access-driven cache-based side channel attack, are described mainly. Especially, the attack principle, implementation process and attack effect are elaborated through theoretical analysis and experimental verification. After that, the characteristics and applications of the above three attacks are discussed, and the comparison results are given. Furthermore, the current challenges in LLC (last-level cache) attack and noise elimination are proposed. Finally, the future research directions are pointed out in the era of IoE (Internet of everything), in terms of the gradual change of the cache hierarchy, the massive data storage of the cloud platforms, and the widespread deployment of TEE (trusted execution environment) on physical devices.

Key words: access-driven, cache-based side channel attack, IoT devices, cloud platforms, last-level cache