ISSN 1000-1239 CN 11-1777/TP

Journal of Computer Research and Development

Previous Articles     Next Articles

A Survey of Cache-Based Side Channel Countermeasure

Wang Chong, Wei Shuai, Zhang Fan, Song Ke   

  1. National Digital Switching System Engineering & Research Center (Strategic Support Force Information Engineering University) , Zhengzhou 450003
  • Supported by: 
    This work was supported by the National Science and Technology Major Projects of Hegaoji (2017ZX01030301).

Abstract: Microarchitectural side channel attack uses microarchitecture state to stole information from victim. It broken the isolation offered by operation system, sandbox and so on, which seriously threatens information security and private, thus it received extensive attention from academia. Unlike other traditional side channel attacks, microarchitectural side channel attack doesn’t require physical contact, nor complex analysis device, and it only needs co-run some code with victim in some share resources. Cache-based side channel attack uses cache such as private L1 Cache and LLC (last level cache) to learn the access pattern of other application, and uses this access pattern to infer secrets. Owning to the fact that cache is widely used in modern CPU, cache-based side channel attack is the most attractive attacks. It’s still an open challenge to defense this kind of attack. In this paper, we firstly introduce the basic architecture and theory related with microarchitectural side channel especially cache-based side channel attack. Then, we consolidate existing attack method into an attack model from attacker ability, attack steps and attack target. According to this model, we classify types of the main existing countermeasure to cache-based side channel attack, and focus on the design of the new secure cache architecture. Finally, we present the trends in countermeasure, challenge to combating them and future directions especially new cache architecture.

Key words: side channel attack (SCA), eviction set, microarchitecture state, attack model, security cache design