【打印本页】      【下载PDF全文】   View/Add Comment  Download reader   Close
←前一篇|后一篇→ 过刊浏览    高级检索
本文已被:浏览 11921次   下载 7344 本文二维码信息
码上扫一扫!
Cache侧信道攻击防御量化研究
王占鹏,朱子元,王立敏
分享到: 微信 更多
(中国科学院信息工程研究所 北京 中国 100093;中国科学院大学(网络安全学院) 北京 中国 100049)
摘要:
芯片安全防护技术关系到国家、企业和个人的信息安全, 相关的研究一直是计算机安全领域的热点。片上高速缓存对芯片性能起着重要作用, 可以有效提升芯片内核访问效率。传统的缓存设计并没有充分考虑安全性, 侧信道攻击会对 Cache 造成巨大威胁, 可以窃取加密密钥等内存存储敏感信息。攻击者利用侧信道的技术窃取用户的隐私数据或加密算法密钥时不会改变片上系统芯片的运行状态, 从而使计算机系统很难检测是否受到了攻击。与基于电磁信号和基于能量检测的侧信道攻击相比,基于存储共享的侧信道攻击只需要利用软件测量就可以实现, 对芯片安全的威胁更大。目前存在多种侧信道攻击和防御手段,但缺乏一套完善的关于系统架构的安全度量方法, 对 Cache 的安全性进行有效评估。本文对 Cache 侧信道攻击和防御手段进行模型化分析, 提出一套 Cache 安全性量化研究方法。首先, 我们采用 CVSS 漏洞评分模型对 Cache 侧信道攻击进行量化评分。然后, 利用贝叶斯公式, 构建侧信道攻击和防御的关系模型。最后, 通过图模型对 Cache 侧信道攻击机理进行建模, 计算在防御架构基础上不同威胁的攻击成功率, 并结合 CVSS 防御得分求得不同防御方法的得分。本文针对 Cache 侧信道攻击进行机理建模, 对攻击和防御进行评估和探索, 为硬件安全人员提供理论支持。
关键词:  Cache侧信道  CVSS  贝叶斯模型  安全量化  安全架构
DOI:10.19363/J.cnki.cn10-1380/tn.2022.12.10
Received:August 24, 2020Revised:November 20, 2020
基金项目:本课题得到国家科技重大专项(No. 2018ZX01028101)和国家重点研发计划(No. 2018YFB2202104)资助。
Evaluations of Cache Side Channels Attacks and Defends
WANG Zhanpeng,ZHU Ziyuan,WANG Limin
Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China;School of Cyber Security, University of Chinese Academy of Sciences, Beijing 100049, China
Abstract:
The technology of SoC (System on a Chip) security protection has a significant impact on the information security of countries, enterprises and individuals, which has always been a hot spot in the field of computer security. On-chip cache plays an important role in chip performance, which can effectively improve the access efficiency of chip core. The traditional cache design does not fully consider the security. Unfortunately, side channel attacks will pose a huge threat to the Cache, they can steal encryption keys and other sensitive information stored in the memory. Attackers use side-channel technology to steal users’ private data or even encryption algorithm keys without changing the executing state of the SOC, making it difficult for computer systems to detect attacks. Compared with side-channel attacks based on electromagnetic signals and energy detection, side-channel attacks based on shared storage can be implemented only by software measurement, which pose a greater threat to chip security. At present, there are multiple side channel attacks and defense methods, but there is a lack of security measurement methods on the system architecture to effectively evaluate the security of the cache. In this paper, a model analysis about Cache side channel attacks and defenses is carried out, and a set of security quantitative research methods for Cache security is proposed. First, we use the CVSS vulnerability scoring model to quantitatively score cache side channel attacks. Secondly, using Bayes model to build a relationship model of side channel attacks and defenses. Finally, the graph model is introduced to represent the cache side channel attack mechanism, with this model, we can calculate the attack success rate of different threats based on the defense architecture, and combine the CVSS defense score to obtain the score of different defense methods. This paper models the mechanism of cache side channel attacks, evaluates and explores attacks and defenses, and provides theoretical support for hardware security personnel.
Key words:  Cache side channel  CVSS  Bayes model  security  security architecture