ISSN 1000-1239 CN 11-1777/TP

Journal of Computer Research and Development ›› 2020, Vol. 57 ›› Issue (4): 824-835.doi: 10.7544/issn1000-1239.2020.20190581

Previous Articles     Next Articles

Survey of Access-Driven Cache-Based Side Channel Attack

Miao Xinliang1, Jiang Liehui1, Chang Rui2   

  1. 1(State Key Laboratory of Mathematical Engineering and Advanced Computing(Strategic Support Force Information Engineering University), Zhengzhou 450001);2(College of Computer Science and Technology, Zhejiang University, Hangzhou 310027)
  • Online:2020-04-01
  • Supported by: 
    This work was supported by the National Natural Science Foundation of China (61802431).

Abstract: In recent years, massive heterogeneous IoT (Internet of things) terminal devices carry the core functions, and they are easier to be the direct targets of attackers. Besides, more terminal devices and cloud platforms are suffering from cache-based side channel attacks. These attacks construct the fine-grained and the concealed cache side channel to extract sensitive data (such as encryption keys) from the target devices, which defeats the isolation mechanism. In this paper, we focus on access-driven cache-based side channel attack technology. Firstly, the fundamental principle and the current research status of cache-based side channel attack are present. Then, "Evict+Reload" attack, "Prime+Probe" attack and "Flush+Reload" attack, which belong to access-driven cache-based side channel attack, are described mainly. Especially, the attack principle, implementation process and attack effect are elaborated through theoretical analysis and experimental verification. After that, the characteristics and applications of the above three attacks are discussed, and the comparison results are given. Furthermore, the current challenges in LLC (last-level cache) attack and noise elimination are proposed. Finally, the future research directions are pointed out in the era of IoE (Internet of everything), in terms of the gradual change of the cache hierarchy, the massive data storage of the cloud platforms, and the widespread deployment of TEE (trusted execution environment) on physical devices.

Key words: access-driven, cache-based side channel attack, IoT devices, cloud platforms, last-level cache

CLC Number: