Beyond Cache Attacks

System-on-Chips (SoCs) are a key enabling technology for the Internet of Things (IoT), a hyper-connected world in which on-chip and inter-chip communication is ubiquitous. SoCs usually integrate cryptographic hardware cores that provide confidentiality and authentication services. However, these components are prone to implementation attacks: while a cryptographic core operates, its secret key may be passively inferred through cache observations. Access-driven attacks that exploit these observations are therefore a serious threat to SoCs deployed in IoT environments. Previous work has shown that such attacks are feasible in the SoC context. Yet the SoC communication structure can be used to further improve access-based cache attacks, and these communication attacks are not as well understood as other micro-architectural attacks. It is important to raise SoC designers' awareness of this threat. To this end, we present four contributions. First, we demonstrate an improved Prime+Probe attack on four different AES-128 implementations (original transformation tables, T0-Only, T2KB, and S-Box). As a novelty, this attack exploits collisions on the bus-based SoC communication to further increase its efficiency. Second, we explore the impact of preloading on the efficiency of our communication-optimized attack. Third, we integrate three countermeasures (shuffling, mini-tables, and Time-Division Multiple Access (TDMA) bus arbitration) and evaluate their impact on the attack. Although the shuffling and mini-tables countermeasures were proposed in previous work, their application against the bus-based attack had not been studied before; TDMA as a countermeasure for bus-based attacks is an original contribution of this work. Fourth, we discuss the implications of our work for SoC design and its perspective on the new cryptographic primitives proposed in the ongoing National Institute of Standards and Technology Lightweight Cryptography competition. The results show that our improved communication-optimized attack is efficient, speeding up full key recovery by up to 400 times compared to the traditional Prime+Probe technique. Moreover, the protection techniques are feasible and effectively mitigate the proposed improved attack.
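Added example, not code from the paper: a toy cycle-level Python model of the bus-arbitration point above. It assumes a two-master bus, a victim whose cache misses generate bus transactions and an attacker that probes the bus continuously, and compares a contention-based (fixed-priority) arbiter with a TDMA arbiter; the victim traces and the slot schedule are constructed.

```python
# Toy model (constructed, not from the paper) of a shared SoC bus with two
# masters: a victim crypto core and an attacker core. The victim's bus
# transactions stand in for the memory traffic its cache misses generate; the
# attacker probes continuously and records how long each transfer waited.

def attacker_latencies(victim_trace, arbiter):
    """Wait time (cycles) of each attacker transfer under a given arbiter.

    victim_trace: per-cycle 0/1 list, 1 = victim wants the bus that cycle.
    arbiter:      callable(cycle, victim_busy) -> True if attacker is granted.
    The attacker re-issues a one-cycle transfer as soon as the previous one
    completes, so every cycle it has a request pending.
    """
    latencies, issued = [], 0
    for t, victim_busy in enumerate(victim_trace):
        if arbiter(t, victim_busy):
            latencies.append(t - issued)   # cycles spent waiting for a grant
            issued = t + 1
    return latencies

def fixed_priority(cycle, victim_busy):
    """Contention-based arbitration: the victim wins every cycle it requests,
    so the attacker is granted exactly the cycles the victim leaves idle."""
    return not victim_busy

def make_tdma(schedule):
    """TDMA arbitration: slot owners in `schedule` repeat forever and a master
    may transfer only in its own slot, whatever the other master is doing."""
    def tdma(cycle, victim_busy):
        return schedule[cycle % len(schedule)] == "A"
    return tdma

def observation_classes(victim_traces, arbiter):
    """Number of distinct attacker observations over a set of victim traces.
    Equal to len(victim_traces) means the arbiter leaks the whole trace;
    1 means the attacker learns nothing about which trace ran."""
    return len({tuple(attacker_latencies(v, arbiter)) for v in victim_traces})

# Constructed victim traces, e.g. three key-dependent T-table miss patterns.
TRACES = [
    [1, 0, 0, 1, 0, 0, 0, 1],
    [0, 0, 1, 1, 0, 0, 0, 0],
    [0, 1, 0, 0, 0, 1, 0, 0],
]
TDMA_VA = make_tdma(("V", "A"))   # alternating victim / attacker slots

if __name__ == "__main__":
    for name, arb in (("fixed priority", fixed_priority), ("TDMA", TDMA_VA)):
        print(f"{name}: {observation_classes(TRACES, arb)} of {len(TRACES)} victim behaviours distinguishable")
```

Under fixed priority every victim trace yields a different latency sequence, so the attacker's own bus timing reveals the victim's access pattern; under TDMA the sequence depends only on the slot phase and all traces collapse into one observation class.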
