缓存侧信道攻击与防御

Cache Side-Channel Attacks and Defenses

近年来,随着信息技术的发展,信息系统中的缓存侧信道攻击层出不穷.从最早利用缓存计时分析推测密钥的想法提出至今,缓存侧信道攻击已经历了10余年的发展和演进.研究中梳理了信息系统中缓存侧信道攻击风险,并对缓存侧信道攻击的攻击场景、实现层次、攻击目标和攻击原理进行了总结.系统分析了针对缓存侧信道攻击的防御技术,从缓存侧信道攻击防御的不同阶段出发,分析了攻击检测和防御实施2部分研究工作,并基于不同防御原理对防御方法进行分类和分析.最后,总结并讨论了互联网生态体系下缓存侧信道攻击与防御的研究热点,指出缓存侧信道攻击与防御未来的研究方向,为想要在这一领域开始研究工作的研究者提供参考.

In recent years,with the development of information technology,cache side-channel attack threats in information system has a rapid growth.It has taken more than 10 years for cache side channel attacks to evolve and develop since cache-timing analysis was proposed to speculate encryption keys.In this survey,we comb the cache side-channel attack threats in the information system by analyzing the vulnerabilities in the design characteristics of software and hardware.Then we summarize the attacks from attack scene,cache levels,attack targets and principles.Further more,we compare the attack conditions,advantages and disadvantages of 7 typical cache side-channel attacks in order to better understand their principles and applications.We also make a systematic analysis of the defense technology against cache side channel attack from detection stage and prevention stage,classify and analyze the defence technology based on different defense principles.Finally,we summarize the work of this paper,discuss the research hotspots and the development trend of cache side-channel attack and defense under the Internet ecosystem,and point out the future research direction of cache side-channel attack and defense,so as to provide reference for researchers who want to start research in this field.