论文信息 - A practical testing framework for isolating hardware timing channels

A practical testing framework for isolating hardware timing channels

This work identifies a new formal basis for hardware information flow security by providing a method to separate timing flows from other flows of information. By developing a framework for identifying these different classes of information flow at the gate-level, one can either confirm or rule out the existence of such flows in a provable manner. To demonstrate the effectiveness of our presented model, we discuss its usage on a practical example: a CPU cache in a MIPS processor written in Verilog HDL and simulated in a scenario which accurately models previous cache-timing attacks. We demonstrate how our framework can be used to isolate the timing channel used in these attacks.

Ryan Kastner | Sarah Meiklejohn | Timothy Sherwood | Jason Oberg

[1] Frederic T. Chong,et al. Complete information flow tracking from the gates up , 2009, ASPLOS.

[2] Richard A. Kemmerer,et al. Shared resource matrix methodology: an approach to identifying storage and timing channels , 1983, TOCS.

[3] Edward A. Lee,et al. A framework for comparing models of computation , 1998, IEEE Trans. Comput. Aided Des. Integr. Circuits Syst..

[4] Frederic T. Chong,et al. Caisson: a hardware description language for secure information flow , 2011, PLDI '11.

[5] Adi Shamir,et al. Cache Attacks and Countermeasures: The Case of AES , 2006, CT-RSA.

[6] Wei-Ming Hu. Reducing Timing Channels with Fuzzy Time , 1992, J. Comput. Secur..

[7] Wei Hu,et al. Information flow isolation in I2C and USB , 2011, 2011 48th ACM/EDAC/IEEE Design Automation Conference (DAC).