Research On Timing Side Channel Leakage Of Processor Memory Access Devices

In recent years,with the development of digitalization and informationization,the production and life of modern society are increasingly inseparable from computer systems.The processor is the core of the computer system,which is responsible for the work control and calculation of the entire system.In order to improve efficiency,modern processors apply a wide variety of optimization mechanisms,such as index prediction,cache layer structure,out-of-order execution,etc.,which also produce a new kind of time leakage while accelerating.In the field of security,cryptographic algorithms are often used for the protection of sensitive computer cryptographic data.The side-channel attack provides a safe way to bypass the correctness of the password algorithm,making it possible to recover the password.And modern processors optimize the time leaks made by robots,as new side-channel information poses new risks to the security of data in computer systems.There have been a lot of attack work,such as meltdown,which has intimidated a wide range of processors,allowing attackers to restore data at all addresses in memory.Therefore,it is necessary to carry out security detection on all optimized components in the processor,analyze whether it exists in time bypass attacks,and design corresponding protection methods.In the processor,the memory order buffer(MOB)is used to manage the execution order of memory access instructions.It uses load forward and speculative load to improve the bottleneck of memory access time.Load forward will directly bypass the data of the store instruction with dependencies to the load instruction,and speculative load will execute the load instructions without dependencies in advance.While they bring efficiency optimization,they may also cause errors and corresponding blocking.Based on the characteristics of memory sequential cache,this thesis studies the microarchitecture time leak attack and defense.The main research contents and contributions are as follows:(1)This thesis studies microarchitecture and timing side channel vulnerabilities in processor microarchitecture,focuses on analyzing the relationship between vulnerability generation and corresponding microarchitecture characteristics,and obtains the necessary conditions for microarchitecture to have time leakage.Taking advantage of this requirement,this thesis focuses on the analysis of memory sequential caches,a microarchitectural component with little existing work.And after the reverse analysis,it is found that load forward will directly bypass the data of the store instruction with dependencies to the load instruction,and speculative load will execute the load instructions without dependencies in advance.While bringing about efficiency optimization,the addresses obtained by reverse engineering The matching mechanism may also cause execution errors and corresponding blocking,which meets the necessary conditions for microarchitectural time leakage.Corresponding to the second and third chapters of the main text.(2)This thesis proposes that a component that satisfies the necessary conditions for time leaks,such as memory sequential cache,should satisfy three different general attack modes.They are transient attack,communication covert channel and side channel recovery cryptographic algorithm private key.In this thesis,the attack scenarios corresponding to the memory sequential cache construction include the theft of kernel data,and the restoration attack on the private key of the cryptographic algorithm AES T table,etc.At the same time,the actual attack process is also tested,and the success rate and efficiency are statistically evaluated.Corresponding to the fourth chapter of the main text.(3)Based on the idea of existing micro-architecture defense schemes and the necessary conditions for micro-architecture time leakage,this thesis designs source code-level,system-level,and hardware-level protection schemes for the three necessary conditions for leakage,and tests its effectiveness through experiments and overhead,compare their respective advantages and disadvantages,and analyze their suitable work scenarios.Corresponding to the fifth chapter of the main text.In order to actually verify the conclusions of this article,this article conducts a reverse analysis of the existing MOB optimization mechanism on the Intel Coffee Lake micro-architecture,and studies how to use the four execution modes of memory sequential buffering and the corresponding execution time.The construction includes transient attacks and covert channels.Various attacks related to the recovery of the private key of the cryptographic algorithm.Using MOB to conduct transient attacks,the kernel data theft experiment is carried out on Linux Cen OS on the Intel i5-9400 processor,and the success rate can reach 57.8%.The MOB-induced time difference can also be used to recover memory instruction addresses that can leak index values for AES T table implementations.The AES-128 key recovery experiment of openssl 3.0.0was carried out on the Intel i5-9400 processor.The experimental results show that30,000 samples can restore a key byte with a probability of 63.6%,and because the memory order cache The characteristics of the attack concealment is better than the traditional cache time leak.This thesis also conducts experiments to verify the defense scheme in this thesis on the Intel Coffee Lake microarchitecture.Existing micro-architecture defense schemes fail to cover MOB-related attacks,and the defense scheme designed in this thesis based on the necessary conditions for the existence of micro-architecture time leaks can achieve the best defense effect and cost in different scenarios.Among them,the proposed system dynamic protection can increase the memory area that needs to be protected and release the memory area that does not need to be protected at any time according to the needs of the user at runtime,so as to reduce the overhead while ensuring the security more flexibly.This thesis proposes the necessary conditions for analyzing whether a component of the processor microarchitecture has time side channel leakage,and proposes three general attack utilization modes and corresponding defense schemes for components that meet the necessary conditions.Based on this,this article takes memory sequential cache as an example to conduct reverse research and verification.