A survey of microarchitectural timing attacks and countermeasures on contemporary hardware

Microarchitectural timing channels expose hidden hardware states though timing. We survey recent attacks that exploit microarchitectural features in shared hardware, especially as they are relevant for cloud computing. We classify types of attacks according to a taxonomy of the shared resources leveraged for such attacks. Moreover, we take a detailed look at attacks used against shared caches. We survey existing countermeasures. We finally discuss trends in attacks, challenges to combating them, and future directions, especially with respect to hardware support.

[1]  Butler W. Lampson,et al.  A note on the confinement problem , 1973, CACM.

[2]  Dorothy E. Denning,et al.  A lattice model of secure information flow , 1976, CACM.

[3]  Marvin Schaefer,et al.  Program confinement in KVM/370 , 1977, ACM '77.

[4]  J. Meseguer,et al.  Security Policies and Security Models , 1982, 1982 IEEE Symposium on Security and Privacy.

[5]  Taher ElGamal,et al.  A public key cyryptosystem and signature scheme based on discrete logarithms , 1985 .

[6]  P. L. Montgomery Modular multiplication without trial division , 1985 .

[7]  John M. Boone,et al.  INTEGRITY-ORIENTED CONTROL OBJECTIVES: PROPOSED REVISIONS TO THE TRUSTED COMPUTER SYSTEM EVALUATION CRITERIA (TCSEC), DoD 5200.28-STD , 1991 .

[8]  Wei-Ming Hu,et al.  Reducing timing channels with fuzzy time , 1991, Proceedings. 1991 IEEE Computer Society Symposium on Research in Security and Privacy.

[9]  John C. Wray,et al.  An analysis of covert timing channels , 1991, Proceedings. 1991 IEEE Computer Society Symposium on Research in Security and Privacy.

[10]  Richard E. Kessler,et al.  Page placement algorithms for large real-indexed caches , 1992, TOCS.

[11]  John C. Wray An Analysis of Covert Timing Channels , 1992, J. Comput. Secur..

[12]  Wei-Ming Hu,et al.  Lattice scheduling and covert channels , 1992, Proceedings 1992 IEEE Computer Society Symposium on Research in Security and Privacy.

[13]  Brian N. Bershad,et al.  Avoiding conflict misses dynamically in large direct-mapped caches , 1994, ASPLOS VI.

[14]  R. L. Sites,et al.  Basic Architecture (I) , 1995 .

[15]  Jochen Liedtke,et al.  OS-controlled cache predictability for real-time systems , 1997, Proceedings Third IEEE Real-Time Technology and Applications Symposium.

[16]  Paul C. Kocher,et al.  Differential Power Analysis , 1999, CRYPTO.

[17]  Jean Gray,et al.  Word of warning. , 2001, Nursing standard (Royal College of Nursing (Great Britain) : 1987).

[18]  Robert H. Sloan,et al.  Examining Smart-Card Security under the Threat of Power Analysis Attacks , 2002, IEEE Trans. Computers.

[19]  Y. Tsunoo,et al.  Cryptanalysis of Block Ciphers Implemented on Computers with Cache , 2002 .

[20]  Samuel T. King,et al.  ReVirt: enabling intrusion analysis through virtual-machine logging and replay , 2002, OPSR.

[21]  Carl A. Waldspurger,et al.  Memory resource management in VMware ESX server , 2002, OSDI '02.

[22]  Dirk Grunwald,et al.  Microarchitectural denial of service: insuring microarchitectural fairness , 2002, MICRO.

[23]  Dan Page,et al.  Theoretical Use of Cache Memory as a Cryptanalytic Side-Channel , 2002, IACR Cryptol. ePrint Arch..

[24]  Dan Page,et al.  Defending against cache-based side-channel attacks , 2003, Inf. Secur. Tech. Rep..

[25]  Hiroshi Miyauchi,et al.  Cryptanalysis of DES Implemented on Computers with Cache , 2003, CHES.

[26]  Daniel C. DuVarney,et al.  Address Obfuscation: An Efficient Approach to Combat a Broad Range of Memory Error Exploits , 2003, USENIX Security Symposium.

[27]  Vikram S. Adve,et al.  LLVM: a compilation framework for lifelong program analysis & transformation , 2004, International Symposium on Code Generation and Optimization, 2004. CGO 2004..

[28]  Christof Paar,et al.  A Collision-Attack on AES: Combining Side Channel- and Differential-Attack , 2004, CHES.

[29]  Daniel J. Bernstein,et al.  Cache-timing attacks on AES , 2005 .

[30]  Colin Percival CACHE MISSING FOR FUN AND PROFIT , 2005 .

[31]  Dan Page,et al.  Partitioned Cache Architecture as a Side-Channel Defence Mechanism , 2005, IACR Cryptology ePrint Archive.

[32]  David Brumley,et al.  Remote timing attacks are practical , 2003, Comput. Networks.

[33]  Onur Aciiçmez,et al.  Trace-Driven Cache Attacks on AES (Short Paper) , 2006, ICICS.

[34]  Onur Aciiçmez,et al.  Predicting Secret Keys Via Branch Prediction , 2007, CT-RSA.

[35]  Ruby B. Lee,et al.  Covert and Side Channels Due to Processor Architecture , 2006, 2006 22nd Annual Computer Security Applications Conference (ACSAC'06).

[36]  Adi Shamir,et al.  Cache Attacks and Countermeasures: The Case of AES , 2006, CT-RSA.

[37]  Peter M. Chen,et al.  Execution replay for intrusion analysis , 2006 .

[38]  Joseph Bonneau,et al.  Cache-Collision Timing Attacks Against AES , 2006, CHES.

[39]  Jean-Pierre Seifert,et al.  Advances on Access-Driven Cache Attacks on AES , 2006, Selected Areas in Cryptography.

[40]  Michael Neve de Mevergnies,et al.  Cache-based vulnerabilities and spam analysis , 2006 .

[41]  Jean-Pierre Seifert,et al.  Software mitigations to hedge AES against cache-based software side channel vulnerabilities , 2006, IACR Cryptol. ePrint Arch..

[42]  Jean-Pierre Seifert,et al.  Cheap Hardware Parallelism Implies Cheap Security , 2007 .

[43]  Ruby B. Lee,et al.  New cache designs for thwarting software cache-based side channel attacks , 2007, ISCA '07.

[44]  Stefan Mangard,et al.  Power analysis attacks - revealing the secrets of smart cards , 2007 .

[45]  Onur Mutlu,et al.  Memory Performance Attacks: Denial of Memory Service in Multi-Core Systems , 2007, USENIX Security Symposium.

[46]  Tal Garfinkel,et al.  Compatibility Is Not Transparency: VMM Detection Myths and Realities , 2007, HotOS.

[47]  Onur Aciiçmez,et al.  Cache Based Remote Timing Attack on the AES , 2007, CT-RSA.

[48]  Jean-Pierre Seifert,et al.  On the power of simple branch prediction analysis , 2007, ASIACCS '07.

[49]  Berk Sunar,et al.  Tate Pairing with Strong Fault Resiliency , 2007 .

[50]  Hsien-Hsin S. Lee,et al.  Analyzing Performance Vulnerability due to Resource Denial›of›Service Attack on Chip Multiprocessors , 2007 .

[51]  Onur Aciiçmez,et al.  Yet another MicroArchitectural Attack:: exploiting I-Cache , 2007, CSAW '07.

[52]  Jean-Pierre Seifert,et al.  Cheap Hardware Parallelism Implies Cheap Security , 2007, Workshop on Fault Diagnosis and Tolerance in Cryptography (FDTC 2007).

[53]  Jean-Pierre Seifert,et al.  New Branch Prediction Vulnerabilities in OpenSSL and Necessary Software Countermeasures , 2007, IMACC.

[54]  Onur Aciiçmez,et al.  A Vulnerability in RSA Implementations Due to Instruction Cache Analysis and Its Demonstration on OpenSSL , 2008, CT-RSA.

[55]  Gianluca Palermo,et al.  A security monitoring service for NoCs , 2008, CODES+ISSS '08.

[56]  Michael Norrish,et al.  seL4: formal verification of an OS kernel , 2009, SOSP '09.

[57]  Shay Gueron,et al.  Intel's New AES Instructions for Enhanced Performance and Security , 2009, FSE.

[58]  Onur Aciiçmez,et al.  Microarchitectural Attacks and Countermeasures , 2009, Cryptographic Engineering.

[59]  Adi Shamir,et al.  Efficient Cache Attacks on AES, and Countermeasures , 2010, Journal of Cryptology.

[60]  Risto M. Hakala,et al.  Cache-Timing Template Attacks , 2009, ASIACRYPT.

[61]  Koen De Bosschere,et al.  Practical Mitigations for Timing-Based Side-Channel Attacks on Modern x86 Processors , 2009, 2009 30th IEEE Symposium on Security and Privacy.

[62]  Frederic T. Chong,et al.  Execution leases: A hardware-supported mechanism for enforcing strong non-interference , 2009, 2009 42nd Annual IEEE/ACM International Symposium on Microarchitecture (MICRO).

[63]  Markus Dürmuth,et al.  A Provably Secure and Efficient Countermeasure against Timing Attacks , 2009, 2009 22nd IEEE Computer Security Foundations Symposium.

[64]  Jean-Pierre Seifert,et al.  Hardware-software integrated approaches to defend against software cache-based side channel attacks , 2009, 2009 IEEE 15th International Symposium on High Performance Computer Architecture.

[65]  Hovav Shacham,et al.  Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds , 2009, CCS.

[66]  Ramakrishna Gummadi,et al.  Determinating timing channels in compute clouds , 2010, CCSW '10.

[67]  Le Xu Securing the Enterprise with Intel ® AES-NI , 2010 .

[68]  Danfeng Zhang,et al.  Predictive black-box mitigation of timing channels , 2010, CCS '10.

[69]  Michael Tunstall,et al.  Improved Trace-Driven Cache-Collision Attacks against Embedded AES Implementations , 2010, WISA.

[70]  Michael E. Kounavis,et al.  Multiplication Instruction and its Usage for Computing the GCM Mode , 2010 .

[71]  Michael E. Kounavis,et al.  Efficient implementation of the Galois Counter Mode using a carry-less multiplier and a fast reduction algorithm , 2010, Inf. Process. Lett..

[72]  Onur Aciiçmez,et al.  New Results on Instruction Cache Attacks , 2010, CHES.

[73]  Danfeng Zhang,et al.  Predictive mitigation of timing channels in interactive systems , 2011, CCS '11.

[74]  Pankaj Rohatgi,et al.  Introduction to differential power analysis , 2011, Journal of Cryptographic Engineering.

[75]  Stephan Krenn,et al.  Cache Games -- Bringing Access-Based Cache Attacks on AES to Practice , 2011, 2011 IEEE Symposium on Security and Privacy.

[76]  Haibo Chen,et al.  Limiting cache-based side-channel in multi-tenant cloud using dynamic page coloring , 2011, 2011 IEEE/IFIP 41st International Conference on Dependable Systems and Networks Workshops (DSN-W).

[77]  Matti A. Hiltunen,et al.  An exploration of L2 cache covert channels in virtualized environments , 2011, CCSW '11.

[78]  Hovav Shacham,et al.  Eliminating fine grained timers in Xen , 2011, CCSW '11.

[79]  Frederic T. Chong,et al.  Crafting a usable microkernel, processor, and I/O system with strict and provable information flow security , 2011, 2011 38th Annual International Symposium on Computer Architecture (ISCA).

[80]  G. Edward Suh,et al.  Efficient Timing Channel Protection for On-Chip Networks , 2012, 2012 IEEE/ACM Sixth International Symposium on Networks-on-Chip.

[81]  Benjamin Farley,et al.  Resource-freeing attacks: improve your cloud performance (at your neighbor's expense) , 2012, CCS.

[82]  Tanja Lange,et al.  The Security Impact of a New Cryptographic Library , 2012, LATINCRYPT.

[83]  Zhenyu Wu,et al.  Whispers in the Hyper-space: High-speed Covert Channel Attacks in the Cloud , 2012, USENIX Security Symposium.

[84]  Danfeng Zhang,et al.  Language-based control and mitigation of timing channels , 2012, PLDI.

[85]  Bryan Ford,et al.  Plugging Side-Channel Leaks with Timing Information Flow Control , 2012, HotCloud.

[86]  Shay Gueron,et al.  Efficient software implementations of modular exponentiation , 2012, Journal of Cryptographic Engineering.

[87]  Laurent Mauborgne,et al.  Automatic Quantification of Cache Side-Channels , 2012, CAV.

[88]  Michael K. Reiter,et al.  Cross-VM side channels and their use to extract private keys , 2012, CCS.

[89]  Taesoo Kim,et al.  STEALTHMEM: System-Level Protection Against Cache-Based Side Channel Attacks in the Cloud , 2012, USENIX Security Symposium.

[90]  Simha Sethumadhavan,et al.  TimeWarp: Rethinking timekeeping and performance monitoring mechanisms to mitigate side-channel attacks , 2012, 2012 39th Annual International Symposium on Computer Architecture (ISCA).

[91]  Nael B. Abu-Ghazaleh,et al.  Non-monopolizable caches: Low-complexity mitigation of cache side channel attacks , 2012, TACO.

[92]  Benedikt Heinz,et al.  A Cache Timing Attack on AES in Virtualization Environments , 2012, Financial Cryptography.

[93]  Sen Hu,et al.  Efficient system-enforced deterministic parallelism , 2010, OSDI.

[94]  Carsten Willems,et al.  Practical Timing Side Channel Attacks against Kernel Space ASLR , 2013, 2013 IEEE Symposium on Security and Privacy.

[95]  Deian Stefan,et al.  Eliminating Cache-Based Timing Attacks with Instruction-Based Scheduling , 2013, ESORICS.

[96]  Timothy Bourke,et al.  seL4: From General Purpose to a Proof of Information Flow Enforcement , 2013, 2013 IEEE Symposium on Security and Privacy.

[97]  Michael Godfrey,et al.  On the Prevention of Cache-Based Side-Channel Attacks in a Cloud Environment , 2013 .

[98]  W. Schummer,et al.  A word of warning. , 2013, Deutsches Arzteblatt international.

[99]  Michael K. Reiter,et al.  Düppel: retrofitting commodity operating systems to mitigate cache side channels in the cloud , 2013, CCS.

[100]  Mohammad Zulkernine,et al.  A Server-Side Solution to Cache-Based Side-Channel Attacks in the Cloud , 2013, 2013 IEEE Sixth International Conference on Cloud Computing.

[101]  Kenneth G. Paterson,et al.  Lucky Thirteen: Breaking the TLS and DTLS Record Protocols , 2013, 2013 IEEE Symposium on Security and Privacy.

[102]  David Cock,et al.  Practical Probability: Applying pGCL to Lattice Scheduling , 2013, ITP.

[103]  Lui Sha,et al.  MemGuard: Memory bandwidth reservation system for efficient performance isolation in multi-core platforms , 2013, 2013 IEEE 19th Real-Time and Embedded Technology and Applications Symposium (RTAS).

[104]  Ying Gao,et al.  SurfNoC: a low latency and provably non-interfering approach to secure networks-on-chip , 2013, ISCA.

[105]  Peng Li,et al.  Mitigating access-driven timing channels in clouds using StopWatch , 2013, 2013 43rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN).

[106]  Mikael Sjödin,et al.  The Multi-Resource Server for predictable execution on multi-core platforms , 2014, 2014 IEEE 19th Real-Time and Embedded Technology and Applications Symposium (RTAS).

[107]  Gorka Irazoqui Apecechea,et al.  Wait a Minute! A fast, Cross-VM Attack on AES , 2014, RAID.

[108]  John Kim,et al.  Security Vulnerability in Processor-Interconnect Router Design , 2014, CCS.

[109]  Gorka Irazoqui Apecechea,et al.  Fine Grain Cross-VM Attacks on Xen and VMware , 2014, 2014 IEEE Fourth International Conference on Big Data and Cloud Computing.

[110]  Gernot Heiser,et al.  The Last Mile: An Empirical Study of Timing Channels on seL4 , 2014, CCS.

[111]  Naomi Benger,et al.  "Ooh Aah... Just a Little Bit" : A Small Amount of Side Channel Can Go a Long Way , 2014, CHES.

[112]  Ruby B. Lee,et al.  Random Fill Cache Architecture , 2014, 2014 47th Annual IEEE/ACM International Symposium on Microarchitecture.

[113]  Yuval Yarom,et al.  FLUSH+RELOAD: A High Resolution, Low Noise, L3 Cache Side-Channel Attack , 2014, USENIX Security Symposium.

[114]  Yuval Yarom,et al.  Just a Little Bit More , 2015, CT-RSA.

[115]  Georg Sigl,et al.  On Cache Timing Attacks Considering Multi-core Aspects in Virtualized Embedded Systems , 2014, INTRUST.

[116]  Jizeng Wei,et al.  The Micro-architectural Support Countermeasures against the Branch Prediction Analysis Attack , 2014, 2014 IEEE 13th International Conference on Trust, Security and Privacy in Computing and Communications.

[117]  Gernot Heiser,et al.  Comprehensive formal verification of an OS microkernel , 2014, TOCS.

[118]  Naomi Benger,et al.  Recovering OpenSSL ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack , 2014, IACR Cryptol. ePrint Arch..

[119]  Angelos D. Keromytis,et al.  ret2dir: Rethinking Kernel Isolation , 2014, USENIX Security Symposium.

[120]  Yao Wang,et al.  Timing channel protection for a shared memory controller , 2014, HPCA.

[121]  Andreas Herkersdorf,et al.  Performance Isolation Exposure in Virtualized Platforms with PCI Passthrough I/O Sharing , 2014, ARCS.

[122]  Michael K. Reiter,et al.  Cross-Tenant Side-Channel Attacks in PaaS Clouds , 2014, CCS.

[123]  Michael M. Swift,et al.  Scheduler-based Defenses against Cross-VM Side-channels , 2014, USENIX Security Symposium.

[124]  Nicolas Le Scouarnec,et al.  Reverse Engineering Intel Last-Level Cache Complex Addressing Using Performance Counters , 2015, RAID.

[125]  Alec Wolman,et al.  Protecting Data on Smartphones and Tablets from Memory Attacks , 2015, ASPLOS.

[126]  Gorka Irazoqui Apecechea,et al.  Systematic Reverse Engineering of Cache Slice Selection in Intel Processors , 2015, 2015 Euromicro Conference on Digital System Design.

[127]  Aurélien Francillon,et al.  C5: Cross-Cores Cache Covert Channel , 2015, DIMVA.

[128]  Rynson W. H. Lau,et al.  On Mitigating the Risk of Cross-VM Covert Channels in a Public Cloud , 2015, IEEE Transactions on Parallel and Distributed Systems.

[129]  Billy Bob Brumley,et al.  Amplifying side channels through performance degradation , 2016, ACSAC.

[130]  Liang Gu,et al.  Warding off timing attacks in Deterland , 2015, ArXiv.

[131]  Gernot Heiser,et al.  Last-Level Cache Side-Channel Attacks are Practical , 2015, 2015 IEEE Symposium on Security and Privacy.

[132]  Vyas Sekar,et al.  Nomad: Mitigating Arbitrary Cloud Side Channels via Provider-Assisted Migration , 2015, CCS.

[133]  Stefan Mangard,et al.  ARMageddon: Last-Level Cache Attacks on Mobile Devices , 2015, ArXiv.

[134]  Gorka Irazoqui Apecechea,et al.  Lucky 13 Strikes Back , 2015, AsiaCCS.

[135]  Jan Reineke,et al.  CacheAudit: A Tool for the Static Analysis of Cache Side Channels , 2013, TSEC.

[136]  Stefan Mangard,et al.  Reverse Engineering Intel DRAM Addressing and Exploitation , 2015, ArXiv.

[137]  Dan Boneh,et al.  Robust and Efficient Elimination of Cache and Timing Side Channels , 2015, ArXiv.

[138]  Angelos D. Keromytis,et al.  The Spy in the Sandbox: Practical Cache Attacks in JavaScript and their Implications , 2015, CCS.

[139]  Klaus Wagner,et al.  Flush+Flush: A Stealthier Last-Level Cache Attack , 2015, ArXiv.

[140]  Gorka Irazoqui Apecechea,et al.  Cross Processor Cache Attacks , 2016, IACR Cryptol. ePrint Arch..

[141]  Gorka Irazoqui Apecechea,et al.  Seriously, get off my cloud! Cross-VM RSA Key Recovery in a Public Cloud , 2015, IACR Cryptol. ePrint Arch..

[142]  Gernot Heiser,et al.  Mapping the Intel Last-Level Cache , 2015, IACR Cryptol. ePrint Arch..

[143]  Stefan Mangard,et al.  Cache Template Attacks: Automating Attacks on Inclusive Last-Level Caches , 2015, USENIX Security Symposium.

[144]  Sorin Lerner,et al.  On Subnormal Floating Point and Abnormal Timing , 2015, 2015 IEEE Symposium on Security and Privacy.

[145]  Gorka Irazoqui Apecechea,et al.  S$A: A Shared Cache Attack That Works across Cores and Defies VM Sandboxing -- and Its Application to AES , 2015, 2015 IEEE Symposium on Security and Privacy.

[146]  Neeraj Suri,et al.  The Impact of Hypervisor Scheduling on Compromising Virtualized Environments , 2015, 2015 IEEE International Conference on Computer and Information Technology; Ubiquitous Computing and Communications; Dependable, Autonomic and Secure Computing; Pervasive Intelligence and Computing.

[147]  Robert Kaiser,et al.  Evolution of the PikeOS Microkernel , 2015 .

[148]  Ruby B. Lee,et al.  CloudRadar: A Real-Time Side-Channel Attack Detection System in Clouds , 2016, RAID.

[149]  Gorka Irazoqui Apecechea,et al.  Cache Attacks Enable Bulk Key Recovery on the Cloud , 2016, CHES.

[150]  Marco Chiappetta,et al.  Real time detection of cache-based side-channel attacks using hardware performance counters , 2016, Appl. Soft Comput..

[151]  Stefan Mangard,et al.  ARMageddon: Cache Attacks on Mobile Devices , 2015, USENIX Security Symposium.

[152]  Michael K. Reiter,et al.  A Software Approach to Defeating Side Channels in Last-Level Caches , 2016, CCS.

[153]  Ashay Rane,et al.  Secure, Precise, and Fast Floating-Point Operations on x86 Processors , 2016, USENIX Security Symposium.

[154]  Klaus Wagner,et al.  Flush+Flush: A Fast and Stealthy Cache Attack , 2015, DIMVA.

[155]  Stefan Mangard,et al.  Prefetch Side-Channel Attacks: Bypassing SMAP and Kernel ASLR , 2016, CCS.

[156]  Mehmet Kayaalp,et al.  A high-resolution side-channel attack on last-level cache , 2016, 2016 53nd ACM/EDAC/IEEE Design Automation Conference (DAC).

[157]  Gernot Heiser,et al.  CATalyst: Defeating last-level cache side channel attacks in cloud computing , 2016, 2016 IEEE International Symposium on High Performance Computer Architecture (HPCA).

[158]  Taesoo Kim,et al.  Breaking Kernel Address Space Layout Randomization with Intel TSX , 2016, CCS.

[159]  Ruby B. Lee,et al.  Memory DoS Attacks in Multi-tenant Clouds: Severity and Mitigation , 2016, ArXiv.

[160]  Cesar Pereida García,et al.  "Make Sure DSA Signing Exponentiations Really are Constant-Time" , 2016, CCS.

[161]  Yuval Yarom,et al.  CacheBleed: a timing attack on OpenSSL constant-time RSA , 2016, Journal of Cryptographic Engineering.

[162]  Stefan Mangard,et al.  DRAMA: Exploiting DRAM Addressing for Cross-CPU Attacks , 2015, USENIX Security Symposium.

[163]  Nael B. Abu-Ghazaleh,et al.  Jump over ASLR: Attacking branch predictors to bypass ASLR , 2016, 2016 49th Annual IEEE/ACM International Symposium on Microarchitecture (MICRO).

[164]  Karen Spärck Jones,et al.  Security Engineering: a Guide to Building Dependable Distributed Systems Security Printing and Seals , .