A Cache Side Channel Attack Defense Method Based on Local Random Mapping
A side-channel attack and random mapping technology, which is applied in the field of cache side-channel attack defense based on local random mapping, can solve the problem of not being able to completely defend against cache timing attacks, sacrificing the normal functions of the system, and proposing practical defense schemes for uncached timing attacks, etc. problem, to achieve the effect of avoiding global search, less performance, and avoiding dynamic changes
Active Publication Date: 2020-06-30
ZHEJIANG UNIV
View PDF8 Cites 0 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
[0006] However, in the existing literature, no practical defense scheme against cache timing attacks has been proposed
Most of the existing defense schemes have obvious defects: sacrificing the normal function of the system or not being able to completely defend against cache timing attacks
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreImage
Smart Image Click on the blue labels to locate them in the text.
Smart ImageViewing Examples
Examples
Experimental program
Comparison scheme
Effect test
Embodiment Construction
[0040] The present invention will be further described in detail below with reference to the accompanying drawings and embodiments. It should be noted that the following embodiments are intended to facilitate the understanding of the present invention, but do not limit it in any way.
[0041] Such as figure 1 As shown, a cache side-channel attack defense method based on local random mapping includes the following steps:
[0042]S01, Build a system consisting of CPU, L1 cache, L2 cache, ultimate cache, storage controller and memory.
[0043] S02. Calculate and generate n candidate cache groups for each physical address.
[0044] In the system initialization phase, a hardware random number generator (HRNG) is used to generate n random numbers, called salt. The length of each salt is equal to the sum of the lengths of the tag bit (tag) and the index bit (index) in the physical address. First, split the salt into a salt left and salt right two parts, salt left Same length as...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More PUM
Login to View More Abstract
The invention discloses a cache side channel attack defense method based on local random mapping. The method comprises: (1) constructing a system composed of a CPU, a first-level cache, a second-levelcache, an ultimate cache, a storage controller and a memory; (2) calculating and generating n alternative cache groups for each physical address; (3) when cache access occurs, calculating n alternative cache group indexes corresponding to n alternative cache groups according to a physical address, storing the n alternative cache group indexes in n index registers, and searching the n cache groupsin parallel to determine whether cache hit or cache loss occurs; when the cache is lost, randomly selecting one of the n alternative cache groups as a target cache group to which the cache is finallymapped; and (5) in the target cache group, if the record with the valid bit of 0 exists, writing the memory block taken from the memory into the target cache group, otherwise, selecting one record toreplace one existing memory block. The method has the advantages of high safety, high speed, friendly final cache and the like which are not possessed by the existing method.
Description
technical field [0001] The invention belongs to the field of cache security, in particular to a cache side channel attack defense method based on local random mapping. Background technique [0002] A cache timing attack can cause severe information disclosure by exploiting the difference in latency between a cache hit and a cache miss in memory access. Although the memory spaces of different processes are isolated from each other for security reasons, the cache is still shared by different processes. Thus, a cache access by one process may affect the hit or miss of another process accessing the cache. Since the access delay caused by a cache hit and a cache miss is significantly different, the cache hit or miss can be effectively known by measuring the access delay. Thus, an attacker process can infer a victim process's cache access by measuring its own cache access latency. This means can be used in two attack methods, side channel attack (side channel attack) and covert...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More Application Information
Patent Timeline
Login to View More Patent Type & Authority Patents(China)
IPC IPC(8): G06F11/07G06F16/2455
CPCG06F11/073G06F16/24552
Inventor 卜凯谭钦翰曾治华
Owner ZHEJIANG UNIV