Existing surveys. Past efforts summarized side-channel studies from different perspectives and fail to answer the above questions. First, some works mainly focused on the physical attacks [100, 148, 184], networking attacks [196, 227], or fault injection attacks with integrity breach [66], which have different characteristics or requirements from microarchitectural side-channel attacks. Second, a few surveys [21, 76, 188] only considered the hardware flaws that result in side channels, while ignoring the software vulnerabilities. Third, several efforts focused on vulnerabilities and countermeasures in one certain cryptosystem (e.g., Elliptic Curve Cryptography [13, 70, 71], Pairing-based cryptography [66]). These summaries are outdated due to a large quantity of newly discovered vulnerabilities and implementation improvements afterwards. Fourth, some works only considered specific platforms (e.g., Trusted Execution Environments [172], smart card [195], cloud [18, 196]) or target applications (e.g., key logging [100, 144]), which did not provide comprehensive conclusions.
Our contributions. Our survey has three significant contributions. First, we characterize microarchitectural side-channel attacks comprehensively. We summarize the attack vectors in both hardware designs (Section 3) and software implementations (Section 4). Second, we identify and abstract the key defense strategies, which are categorized into application, system, and hardware, respectively (Section 5). Third, we conduct a large-scale evaluation of mainstream cryptographic applications. We analyze the side-channel vulnerabilities and the corresponding patches in various libraries and products, and we evaluate the severity and impact from a practical perspective (Section 6). We hope this work can help researchers, developers, and users better understand the current status and the future direction of side-channel research and countermeasure development.
Fig. 1. A Multi-core system.