research-article

Beyond Cache Attacks: Exploiting the Bus-based Communication Structure for Powerful On-Chip Microarchitectural Attacks

Published: 18 March 2021

Abstract

System-on-Chips (SoCs) are a key enabling technology for the Internet-of-Things (IoT), a hyper-connected world in which on-chip and inter-chip communication is ubiquitous. SoCs usually integrate cryptographic hardware cores to provide confidentiality and authentication services, but these components are prone to implementation attacks: while a cryptographic core operates, its secret key may be passively inferred from cache observations. Access-driven attacks that exploit such observations are therefore a vital threat to SoCs operating in IoT environments. Previous work has shown the feasibility of these attacks in the SoC context. Yet the SoC communication structure can be used to further improve access-driven cache attacks, and such communication-based attacks are not as well understood as other microarchitectural attacks, so it is important to raise SoC designers' awareness of this threat. To this end, we present four contributions. First, we demonstrate an improved Prime+Probe attack on four different AES-128 implementations (original transformation tables, T0-Only, T2KB, and S-Box); as a novelty, this attack exploits collisions on the bus-based SoC communication structure to increase its efficiency. Second, we explore the impact of preloading on the efficiency of our communication-optimized attack. Third, we integrate three countermeasures (shuffling, mini-tables, and Time-Division Multiple Access (TDMA) bus arbitration) and evaluate their impact on the attack. Although shuffling and mini-tables were proposed in previous work, their application as countermeasures against the bus-based attack had not been studied before, and TDMA as a countermeasure for bus-based attacks is an original contribution of this work. Fourth, we discuss the implications of our work for SoC design and its perspective with respect to the new cryptographic primitives proposed in the ongoing National Institute of Standards and Technology (NIST) Lightweight Cryptography competition. The results show that our communication-optimized attack is efficient, speeding up full key recovery by up to 400 times compared to the traditional Prime+Probe technique. Moreover, the protection techniques are feasible and effectively mitigate the proposed improved attack.
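The abstract only names the attack family. As an added illustration (this is not code from the paper or its authors), the following Python model shows the classic access-driven, first-round Prime+Probe key recovery against table-based AES-128, which is the baseline that the paper's communication-optimized attack improves on; the bus-collision refinement itself is not modelled, since the abstract does not describe its mechanics. Everything about the platform is assumed: 64-byte cache lines, one attacker line evicted per victim table lookup, noise-free probe latencies, exact round-1 table indices (p_i XOR k_i) with rounds 2 to 10 modelled as uniformly random lookups, and the table layouts assigned to the "T-tables", "T0-only" and "S-box" variants are my reading of the page's implementation names, not the paper's description. The model goes slightly beyond the abstract in that it parameterises the entry size, so it also shows how many key bits per byte a line-granular observer can learn from each layout.

```python
"""Simulated access-driven (Prime+Probe) first-round key recovery on table-based
AES-128.  Constructed example: round-1 indices are exact (p_i ^ k_i); rounds
2..10 are modelled as uniformly random lookups.  Cache geometry and latencies
are assumptions, not measurements."""
from collections import namedtuple
import random

LINE_BYTES = 64                     # assumed cache line size
ROUNDS = 10                         # AES-128
HIT_CYCLES, MISS_CYCLES = 10, 100   # assumed probe latencies (hit vs. evicted)

# Assumed table layouts for the page's named variants:
#   T-tables : four 1 KB tables of 32-bit words, state byte i indexes T[i % 4]
#   T0-only  : one 1 KB table of 32-bit words shared by all 16 bytes
#   S-box    : one 256-byte table of 8-bit entries shared by all 16 bytes
Layout = namedtuple("Layout", "name ntables entry_bytes")
T_TABLES = Layout("T-tables", 4, 4)
T0_ONLY = Layout("T0-only", 1, 4)
S_BOX = Layout("S-box", 1, 1)

def entries_per_line(layout):
    return LINE_BYTES // layout.entry_bytes

def lines_per_table(layout):
    return 256 // entries_per_line(layout)

def leaked_bits(layout):
    """Bits of each 8-bit table index visible at cache-line granularity."""
    return lines_per_table(layout).bit_length() - 1

def table_of(layout, byte_pos):
    return byte_pos % layout.ntables

def line_of(layout, index):
    return index // entries_per_line(layout)

def prime(layout):
    """Attacker fills every line of every table's cache sets with its own data."""
    return [set(range(lines_per_table(layout))) for _ in range(layout.ntables)]

def victim_encrypt(layout, key, plaintext, cache, rng):
    """Victim encrypts; each table lookup evicts the attacker's line in that set."""
    for i in range(16):                              # round 1: exact indices
        cache[table_of(layout, i)].discard(line_of(layout, plaintext[i] ^ key[i]))
    for _ in range(ROUNDS - 1):                      # rounds 2..10: modelled random
        for i in range(16):
            cache[table_of(layout, i)].discard(line_of(layout, rng.randrange(256)))

def probe(layout, cache):
    """Attacker re-reads its primed lines and times them; slow lines were evicted."""
    threshold = (HIT_CYCLES + MISS_CYCLES) // 2
    evicted = []
    for t in range(layout.ntables):
        latency = {l: (HIT_CYCLES if l in cache[t] else MISS_CYCLES)
                   for l in range(lines_per_table(layout))}
        evicted.append({l for l, cyc in latency.items() if cyc > threshold})
    return evicted

def attack(layout, key, rng, max_samples=500):
    """For each key byte keep the candidates for its top leaked_bits bits whose
    predicted round-1 line was evicted in every sample.  Returns (candidates, n)."""
    shift = 8 - leaked_bits(layout)
    cands = [set(range(lines_per_table(layout))) for _ in range(16)]
    for n in range(1, max_samples + 1):
        plaintext = [rng.randrange(256) for _ in range(16)]   # known plaintext
        cache = prime(layout)
        victim_encrypt(layout, key, plaintext, cache, rng)
        evicted = probe(layout, cache)
        for i in range(16):
            t = table_of(layout, i)
            # line_of(p ^ k) == (p >> shift) ^ (k >> shift), so test each guess
            cands[i] = {c for c in cands[i] if ((plaintext[i] >> shift) ^ c) in evicted[t]}
        if all(len(c) == 1 for c in cands):
            return cands, n
    return cands, max_samples

def recovered_bits(cands):
    """Top bits of each key byte, or None where the candidate set is not unique."""
    return [next(iter(c)) if len(c) == 1 else None for c in cands]

def run(layout, seed=1):
    rng = random.Random(seed)                        # deterministic for the demo
    key = [rng.randrange(256) for _ in range(16)]
    cands, n = attack(layout, key, rng)
    return key, cands, n

if __name__ == "__main__":
    for layout in (T_TABLES, T0_ONLY, S_BOX):
        key, cands, n = run(layout)
        resolved = sum(len(c) == 1 for c in cands)
        print(f"{layout.name:9s} leaks {leaked_bits(layout)} bits/byte at line "
              f"granularity; {resolved}/16 bytes resolved after {n} samples")
```

With four separate T-tables, each table sees only 40 lookups per encryption over 16 lines, so a wrong candidate's predicted line is occasionally left untouched and the elimination converges to the top nibble of all 16 key bytes within a few hundred samples. Sharing one table among all 16 bytes (T0-only) or using 1-byte entries (S-box, 64 entries per line) saturates the observable lines on every encryption, so this naive elimination makes no progress within the sample budget; a real attacker then needs better statistics or, as the abstract argues, a second side channel such as bus timing.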

