基于动态资源使用策略的SMT执行端口侧信道安全防护

doi:10.7544/issn1000-1239.20200537

计算机研究与发展 ›› 2022, Vol. 59 ›› Issue (2): 403-417.doi: 10.7544/issn1000-1239.20200537

基于动态资源使用策略的SMT执行端口侧信道安全防护

岳晓萌^1,2,杨秋松¹,李明树¹

¹(基础软件国家工程研究中心(中国科学院软件研究所) 北京 100190);²(中国科学院大学北京 100049) (xiaomeng@iscas.ac.cn)

出版日期: 2022-02-01
基金资助:
“核高基”国家科技重大专项基金项目(2014ZX01029101-002)；中国科学院战略性先导科技专项(XDA-Y01-01)

SMT Port Side Channel Defending Method Based on Dynamic Resource Usage Strategy

Yue Xiaomeng^1,2, Yang Qiusong¹, Li Mingshu¹

¹(National Engineering Research Center for Fundamental Software (Institute of Software, Chinese Academy of Sciences), Beijing 100190);²(University of Chinese Academy of Sciences, Beijing 100049)

Online: 2022-02-01
Supported by:
This work was supported by the National Science and Technology Major Projects of Hegaoji (2014ZX01029101-002) and the Strategic Priority Research Program of Chinese Academy of Sciences (XDA-Y01-01).

摘要/Abstract

摘要： 同时多线程(simultaneous multi-threading, SMT)技术是提升线程级并行度的重要微架构优化技术之一，SMT技术能够在1个物理核上实现2个逻辑核，提升处理器的整体性能.然而，以共享执行端口为代表的SMT环境下特有的时间侧信道安全问题也陆续出现.提出了一种基于动态资源使用策略的SMT环境下执行端口时间侧信道攻击防护方法，基于SMT技术对数据结构资源的不同处理方式设计动态策略调整算法，通过改进处理器端口绑定及调度选择算法以防护SMT环境下执行端口时间侧信道攻击.防护设计实现了端口冲突矩阵、分支过滤器和动态资源使用策略修改器3个组件，该方法在防护有效性上可以达到关闭SMT技术的防护效果且性能开销大大降低，同时硬件开销可控，具有较高的应用价值.

关键词: 同时多线程, 时间信道, 侧信道, 执行端口, 安全防护

Abstract: Simultaneous multi-threading (SMT) technology is one of the important micro-architecture optimization technologies to improve thread-level parallelism. SMT can realize two logical cores on one physical core and improve the overall performance of the processor. However, some timing channel security problems represented by sharing execution ports in SMT environment appeared. A port timing channel attack defending method is proposed based on dynamic resource usage strategy in SMT environment. Dynamic strategy adjustment algorithm is designed for different processing modes of data structure resources, and improved processor port binding and scheduling selection algorithm are adopted to protect the port side channel attack in SMT environment. Defending method used modular design has realized the port conflict matrix, branch filters and dynamic resource editor strategy. Respectively judgment model for port conflict, branch information filtering and SMT dynamic resource use strategy changes, the final modification strategy can be directly applied to the execution port binding and scheduling algorithm. The defending method in this paper can achieve the effect of close SMT technology and reduce the performance cost greatly. At the same time, its hardware cost is controllable. Therefore, the method proposed in this study has high application value.

Key words: SMT, timing channel, side channel, execution port, security defending

中图分类号:

TP309.2

岳晓萌, 杨秋松, 李明树. 基于动态资源使用策略的SMT执行端口侧信道安全防护[J]. 计算机研究与发展, 2022, 59(2): 403-417.

Yue Xiaomeng, Yang Qiusong, Li Mingshu. SMT Port Side Channel Defending Method Based on Dynamic Resource Usage Strategy[J]. Journal of Computer Research and Development, 2022, 59(2): 403-417.

	作者相关文章
	岳晓萌
	杨秋松
	李明树

[1]	王崇, 魏帅, 张帆, 宋克. 缓存侧信道防御研究综述[J]. 计算机研究与发展, 2021, 58(4): 794-810.
[2]	张润莲, 孙亚平, 韦永壮, 李迎新. 密码S盒的一种新自动搜索方法[J]. 计算机研究与发展, 2020, 57(7): 1415-1423.
[3]	苗新亮, 蒋烈辉, 常瑞. 访问驱动下的Cache侧信道攻击研究综述[J]. 计算机研究与发展, 2020, 57(4): 824-835.
[4]	唐奔宵,王丽娜,汪润,赵磊,王丹磊. 基于差分隐私的Android物理传感器侧信道防御方法[J]. 计算机研究与发展, 2018, 55(7): 1371-1392.
[5]	陈小军1,2,3 时金桥2 徐菲2 蒲以国2 郭莉2. 面向内部威胁的最优安全策略算法研究[J]. 计算机研究与发展, 2014, 51(7): 1565-1577.
[6]	隋秀峰, 吴俊敏, 陈国良,. ARP：同时多线程处理器中共享Cache自适应运行时划分机制[J]. , 2008, 45(7): 1269-1277.
[7]	李祖松, 许先超, 胡伟武, 唐志敏,. 同时多微线程体系结构研究[J]. , 2007, 44(5): 768-774.
[8]	陈书明李振涛万江华胡定磊郭阳汪东扈啸孙书为. “银河飞腾”高性能数字信号处理器研究进展[J]. , 2006, 43(6): 993-1000.
[9]	何立强, 刘志勇,. 一种具有QoS特性的同时多线程处理器取指策略[J]. , 2006, 43(11): 1980-1984.

基于动态资源使用策略的SMT执行端口侧信道安全防护

SMT Port Side Channel Defending Method Based on Dynamic Resource Usage Strategy

RichHTML

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 9

编辑推荐

Metrics

本文评价