A survey of Microarchitectural Side-channel Vulnerabilities, Attacks, and Defenses in Cryptography



Download 176.24 Kb.
Page6/15
Date03.05.2023
Size176.24 Kb.
#61249
1   2   3   4   5   6   7   8   9   ...   15
3456629
Package. Each package has one LLC that caches data from applications running on all cores. If a data access request cannot be fulfilled by the LLC, then the memory controller will be involved. The memory controller bu$ers the requests in multiple queues, schedules them for high performance and fairness, and directs them to the DRAM chips. Cores, the LLC, and the memory controller are interconnected by the memory buses with very high bandwidth.
Computer. A computer consists of several packages and DRAM chips. A DRAM chip has several banks. Each bank can be viewed as a two-dimensional array with multiple rows and columns and has a row bu$er to hold the most recently used row to speed up DRAM accesses. A memory access to a DRAM bank may either be served by the row bu$er (bu$er hit), which is fast, or in the bank itself (bu$er miss), which is slow. Packages and DRAM chips are interconnected in a Non-Uniform Memory Architecture (NUMA): Each DRAM is associated with a package, and each package can access all DRAM chips, but it is faster for the package to access its own local DRAM.
Trusted Execution Environment (TEE). This feature protects the security of unprivileged pro- grams from the malicious OS through isolated execution and memory encryption. It has been implemented in ARM TrustZone [11] and Intel SGX [48]. However, as the design of TEE does not consider side-channel attacks, it is possible to use conventional techniques to steal secrets from the protected application. If the attacker is the malicious OS, then she can obtain fine-grained in- formation in an easier way by manipulating the OS interrupt (e.g., SGX-Step [197]). If the attacker is a normal user, then she can use enclaves to hide malicious behaviors [176].

1For remote timing attacks, the adversary does not need to launch spy programs on the victim machine, hence SMT does


not a$ect the attack results.


    1. Cryptography



Download 176.24 Kb.

Share with your friends:
1   2   3   4   5   6   7   8   9   ...   15




The database is protected by copyright ©ininet.org 2024
send message

    Main page