ISSN 1000-1239 CN 11-1777/TP

计算机研究与发展 ›› 2021, Vol. 58 ›› Issue (4): 794-810.doi: 10.7544/issn1000-1239.2021.20200500

• 信息安全 • 上一篇    下一篇



  1. (国家数字交换系统工程技术研究中心(战略支援部队信息工程大学) 郑州 450003) (
  • 出版日期: 2021-04-01
  • 基金资助: 

A Survey of Cache-Based Side Channel Countermeasure

Wang Chong, Wei Shuai, Zhang Fan, Song Ke   

  1. (National Digital Switching System Engineering & Research Center (Strategic Support Force Information Engineering University),Zhengzhou 450003)
  • Online: 2021-04-01
  • Supported by: 
    This work was supported by the National Science and Technology Major Projects of Hegaoji (2017ZX01030301).

摘要: 微架构侧信道攻击(microarchitectural side channel attack)是一种利用处理器微架构状态开展侧信道攻击的方式.它打破了操作系统及其他软件层面提供的隔离手段,严重威胁了用户的信息安全,受到了学术界的广泛关注.与其他传统侧信道攻击不同,微架构侧信道攻击不需要攻击者与被攻击对象存在物理接触,也不需要复杂的分析设备,它只需要能够与受害者在同一环境中执行代码就可以完成攻击.基于缓存的侧信道攻击(cache-based side channel attack)利用处理器中广泛存在的缓存(cache)结构,所以这种攻击方式最有吸引力,研究也最为深入.首先总结了微架构侧信道攻击尤其是缓存侧信道攻击相关的硬件架构,之后从攻击者能力、攻击步骤以及攻击目标对攻击模型进行讨论,并根据攻击模型对现有的防御措施进行分类和比较,重点介绍了新型安全缓存架构及其设计方案,最后讨论了现有防御措施面临的挑战以及未来的研究方向.

关键词: 侧信道攻击, 冲突域, 微架构状态, 攻击模型, 安全缓存设计

Abstract: Microarchitectural side channel attack uses microarchitecture state to stole information from victim. It breaks the isolation offered by operation system, sandbox and so on, which seriously threatens information security and private, thus it receives extensive attention from academia. Unlike other traditional side channel attacks, microarchitectural side channel attack doesn’t require physical contact, nor complex analysis device, and it only needs co-run some code with victim in some share resources. Cache-based side channel attack uses cache such as private L1 Cache and LLC (last level cache) to learn the access pattern of other application, and uses this access pattern to infer secrets. Owning to the fact that cache is widely used in modern CPU, cache-based side channel attack is the most attractive attacks. It’s still an open challenge to defense this kind of attack. In this paper, we firstly introduce the basic architecture and theory related with microarchitectural side channel especially cache-based side channel attack. Then, we consolidate existing attack methods into an attack model from attacker ability, attack steps and attack target. According to this model, we classify types of the main existing countermeasure to cache-based side channel attack, and focus on the design of the new secure cache architecture. Finally, we present the trends in countermeasure, challenge to combating them and future directions especially new cache architecture.

Key words: side channel attack (SCA), eviction set, microarchitecture state, attack model, security cache design