摘要
由于同步多线程允许多个执行线程之间共享处理器的执行单元,为共享Cache存储器提供了线程间一个实现简单、高带宽的隐通道,使得一个恶意线程能够监视其他线程访问的资源.以OpenSSL0.9.7c实现的RSA算法为攻击对象,通过执行一个间谍线程,监视密码线程,观测RSA解密时读取Cache数据变化时反应的时间特性,通过分析这些时间信息推论出RSA的解密密钥.最后介绍了如何减轻甚至消除这种攻击的建议.
Simultaneous multithreading enables multiple execution threads to share the execution resources of a superscalar,the shared access to memory caches provides an easily used high bandwidth covert channel between threads,allowing that a malicious thread can monitor the execution of another thread.This paper targets at RSA cryptosystem implemented via OpenSSL0.9.7c,monitores the cryptographic thread by executing a Spy thread,recording the timing characteristic during the RSA decryption when reading the Cache.The attacker can recovers the original key by analyzing these timing measurement.Finally,we provide some suggestions of how this attack could be mitigated or eliminated entirely.
出处
《微电子学与计算机》
CSCD
北大核心
2009年第5期180-182,186,共4页
Microelectronics & Computer
基金
国家自然科学基金项目(60772082)
军械工程学院科学研究基金项目(YJJXM07033)
河北省自然科学基金数学研究专项(08M010)