ارزیابی کاربردی حملات کانال جانبی مبتنی بر آسیب پذیری‌های پردازنده‌ها

قنادان زاده, احمد; ملازاده, مهدی; مقدسی, علی; اصفهانی, مهدی

ارزیابی کاربردی حملات کانال جانبی مبتنی بر آسیب پذیری‌های پردازنده‌ها

نوع مقاله : مقاله پژوهشی

نویسندگان

¹ دانشجوی دکتری، دانشگاه جامع امام حسین (ع)، تهران، ایران

² استادیار، دانشگاه جامع امام حسین (ع)، تهران، ایران

³ استادیار، دانشگاه جامع امام حسین(ع)، تهران، ایران

⁴ پژوهشگر،دانشگاه صنعتی شریف، تهران، ایران

چکیده

در سال های اخیر وسایل الکترونیکی هم‌چون لپ‌تاپ، کامپیوتر، تلفن‌های همراه هوشمند و دیگر وسایل الکترونیکی هوشمند به شدت افزایش یافته که تمام این وسایل الکترونیکی از یک یا چند پردازنده در داخل خود استفاده می نمایند که با توجه به نوع معماری هر پردازنده ممکن است آسیب‌‌پذیری‌های متفاوتی داشته باشند. در این مقاله بررسی و ارزیابی آسیب‌پذیری‌های کانال جانبی مبتنی بر آسیب‌پذیری‌های پردازنده‌های اینتل و آرم بر اساس روش تحلیل سلسله مراتبی انجام شده است. حملات انجام شده بر اساس آسیب‌پذیری‌های موجود به 6 دسته‌ی کلی تقسیم‌بندی شده است که بر اساس شاخص‌هایی چون زمان، امکانپذیری، اثربخشی و هزینه مورد ارزیابی قرار گرفته است. در بین 6 حمله‌ی بررسی شده، 3 حمله‌ی مبتنی بر زمان، حمله‌ی کانال جانبی توان با اندازه‌گیری نرم‌افزاری و حمله‌ی مبتنی بر حافظه‌ی نهان به ترتیب بیشترین امتیاز را براساس معیارهای ارزیابی به خود اختصاص داده اند و حمله‌ی کانال جانبی توان با اندازه‌گیری سخت‌افزاری کمترین امتیاز را داشته است که در اینجا نرخ ناسازگاری کلی برابر با مقدار 06/0 شده است که قابل قبول است. همچنین 3 زیر‌معیار درصد بازیابی کلید(گذرواژه)، سطح دسترسی و قابلیت ایجاد کانال پنهان بیشترین تاثیر را بر روی گزینه‌های تصمیم داشته اند. در نهایت این گزینه‌ها علاوه‌ بر رتبه‌بندی کلی بر اساس هرکدام از معیارها نیز امتیازبندی شده‌اند. از منظر زمان حمله‌ی مبتنی بر زمان و حمله‌ی کانال جانبی توان با اندازه‌گیری سخت‌افزاری به ترتیب بیشترین و کمترین امتیاز و اولیویت را دارند و از منظر امکان‌پذیری حمله‌ی مبتنی بر زمان و حمله‌ی کانال جانبی توان با اندازه‌گیری نرم‌افزاری به ترتیب دارای بیشترین و کمترین اولویت هستند. همچنین از منظر اثربخشی حمله‌ی مبتنی بر زمان و حمله‌ی کانال جانبی توان با اندازه‌گیری سخت‌افزاری به ترتیب اولویت بیشتر و کمتری داشته و از منظر هزینه نیز حمله‌ی مبتنی بر زمان و حمله‌ی مبتنی بر ریزمعماری به ترتیب دارای بیشترین و کمترین امتیاز و اولویت شدند. در ادامه میزان خطر این 6 راهکار با استفاده از پارامتر CVSS امتیازدهی شده و رتبه‌بندی شد. نتایج این ارزیابی نشان می‌دهد که 3 حمله‌ی مبتنی بر زمان، حمله‌ی مبتنی بر ریزمعماری و حمله‌ی مبتنی بر حافظه‌ی نهان به ترتیب بیشتری خطر را برای قربانی داشته و بیشترین آسیب را وارد خواهند نمود.

کلیدواژه‌ها

20.1001.1.23224347.1403.12.3.1.3

موضوعات

سخت افزار

عنوان مقاله [English]

Evaluation of Side-Channel Attacks for Different Types of Processors Vulnerabilities

نویسندگان [English]

Ahmad GhannadanZadeh ¹
Mahdi Mollazadeh ²
Ali Moghaddasi ³
Mahdi Esfahani ⁴

¹ PhD student, Imam Hossein University, Tehran, Iran

² Assistant Professor, Imam Hossein University, Tehran, Iran

³ Assistant Professor, Imam Hossein University, Tehran, Iran

⁴ Researcher, Sharif University of Technology, Tehran, Iran

چکیده [English]

In recent years, electronic devices such as laptops, computers, smart mobile phones and other smart electronic devices have greatly increased, and all these electronic devices use one or more processors inside them, which according to the type of architecture of each processor may have different vulnerabilities. In this paper Investigation and evaluation of side channel vulnerabilities based on the vulnerabilities of Intel and ARM processors has been done based on the hierarchical analysis method. Based on the existing vulnerabilities, the attacks have been divided into 6 general categories, which have been evaluated based on indicators such as time, possibility, effectiveness, and cost. Among the 6 attacks investigated, 3 time-based attack, power side channel attack with software measurement and cache-based attack have respectively assigned the most points based on the evaluation criteria and the power side-channel with hardware measurement attack has the lowest score, where the overall mismatch rate is 0.06, which is acceptable. Also, 3 sub-criteria of key (password) recovery percentage, access level and covert channel ability have had the greatest impact on decision options. Finally, in addition to the overall ranking, these options are also scored based on each of the criteria. From the time point of view, the time-based attack and the power side channel attack with hardware measurement have the highest and the lowest priority, respectively, and from the possibility point of view, the time-based attack and the power side channel attack with software measurement have the highest and lowest priority, respectively. Also, from the effectiveness point of view, time-based attack and side-channel power attack with hardware measurement have higher and lower priority, respectively, and from the cost point of view, time-based attack and micro-architecture-based attack have the highest and lowest points and priority, respectively. Next, the risk level of these 6 strategies was scored and ranked using the CVSS parameter. The results of this evaluation show that 3 time-based attacks, micro-architecture-based attacks, and cache-based attacks, respectively, are more dangerous for the victim and will cause the most damage.

کلیدواژه‌ها [English]

Processors Vulnerability
Hierarchical analysis
Cache
Risk Assessment

مراجع

[1] “Web of Science.” [Online]. Available: https://www.webofscience.com/wos/woscc/basic-search. [Accessed: 10-Nov-2022].

[2] D. A. Osvik, A. Shamir, and E. Tromer, “Cache Attacks and Countermeasures: The Case of AES,” in Journal of Cryptology, vol. 23, no. 1, 2006, pp. 1–20.

[3] C. Su and Q. Zeng, “Survey of CPU Cache-Based Side-Channel Attacks: Systematic Analysis, Security Models, and Countermeasures,” Secur. Commun. Networks, vol. 2021, pp. 1–15, Jun. 2021.

[4] C. Percival, “Cache missing for fun and profit,” BSDCan 2005. 2005.

[5] M. Neve and J. P. Seifert, “Advances on access-driven cache attacks on AES,” Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 4356 LNCS. pp. 147–162, 2007.

[6] E. Tromer, D. A. Osvik, and A. Shamir, “Efficient Cache Attacks on AES, and Countermeasures,” J. Cryptol., vol. 23, no. 1, pp. 37–71, Jan. 2010.

[7] O. Aciiçmez, “Yet another MicroArchitectural attacks: Exploiting I-cache,” Proceedings of the ACM Conference on Computer and Communications Security. pp. 11–18, 2007.

[8] O. Aciiçmez and W. Schindler, “A vulnerability in RSA implementations due to instruction cache analysis and its demonstration on OpenSSL,” Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 4964 LNCS. pp. 256–273, 2008.

[9] F. Liu, Y. Yarom, Q. Ge, G. Heiser, and R. B. Lee, “Last-level cache side-channel attacks are practical,” Proceedings - IEEE Symposium on Security and Privacy, vol. 2015-July. pp. 605–622, 2015.

[10] F. Brasser, U. Müller, A. Dmitrienko, K. Kostiainen, S. Capkun, and A. R. Sadeghi, “Software grand exposure: SGX cache attacks are practical,” 11th USENIX Workshop on Offensive Technologies, WOOT 2017, co-located with USENIX Security 2017. 2017.

[11] M. Schwarz, S. Weiser, D. Gruss, C. Maurice, and S. Mangard, “Malware guard extension: Using SGX to conceal cache attacks,” in Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 2017, vol. 10327 LNCS, pp. 3–24.

[12] J. Götzfried, M. Eckert, S. Schinzel, and T. Müller, “Cache Attacks on Intel SGX,” in Proceedings of the 10th European Workshop on Systems Security, 2017, pp. 1–6.

[13] R. Hund, C. Willems, and T. Holz, “Practical timing side channel attacks against kernel space ASLR,” Proceedings - IEEE Symposium on Security and Privacy. pp. 191–205, 2013.

[14] D. Gullasch, E. Bangerter, and S. Krenn, “Cache Games -- Bringing Access-Based Cache Attacks on AES to Practice,” in 2011 IEEE Symposium on Security and Privacy, 2011, pp. 490–505.

[15] Y. Yarom and K. Falkner, “{FLUSH+RELOAD}: A High Resolution, Low Noise, L3 Cache {Side-Channel} Attack,” in 23rd USENIX Security Symposium (USENIX Security 14), 2014, pp. 719–732.

[16] G. Irazoqui, M. S. Inci, T. Eisenbarth, and B. Sunar, “Wait a minute! A fast, cross-VM attack on AES,” Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 8688 LNCS. pp. 299–319, 2014.

[17] B. Gülmezo Ğ Lu, M. S. İnci, G. Irazoqui, T. Eisenbarth, and B. Sunar, “A faster and more realistic flush+reload attack on AES,” in Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 2015, vol. 9064, pp. 111–126.

[18] N. Benger, J. van de Pol, N. P. Smart, and Y. Yarom, “‘Ooh Aah... Just a Little Bit’ : A Small Amount of Side Channel Can Go a Long Way,” 2014, pp. 75–92.

[19] J. van de Pol, N. P. Smart, and Y. Yarom, “Just a Little Bit More,” in Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 9048, 2015, pp. 3–21.

[20] Y. Yarom and N. Benger, “Recovering OpenSSL ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack,” IACR Cryptology. pp. 12–14, 2014.

[21] T. Allan, B. B. Brumley, K. Falkner, J. Van De Pol, and Y. Yarom, “Amplifying side channels through performance degradation,” ACM International Conference Proceeding Series, vol. 5-9-Decemb. pp. 422–435, 2016.

[22] Y. Zhang, A. Juels, M. K. Reiter, and T. Ristenpart, “Cross-tenant side-channel attacks in PaaS clouds,” in Proceedings of the ACM Conference on Computer and Communications Security, 2014, pp. 990–1003.

[23] D. Gruss, R. Spreitzer, and S. Mangard, “Cache template attacks: Automating attacks on inclusive last-level caches,” in Proceedings of the 24th USENIX Security Symposium, 2015, pp. 897–912.

[24] M. Esfahani, H. Soleimany, and M. R. Aref, “Modified Cache-Template Attack on AES,” Scientia Iranica, vol. 29, no. 4. p. 8, 2022.

[25] H. Soleimany, M. Esfahani, and M. R. Aref, “Practical Implementation of A Novel Side-Channel Flush+Reload Attack on AES,” Sci. J. Adv. Def. Sci. Technol., vol. 10, no. 4, pp. 383–392, 2020. (In Persian).https://dor.isc.ac/dor/20.1001.1.26762935.1398.10.4.5.3

[26] C. Pereida García, B. B. Brumley, and Y. Yarom, “Make Sure DSA Signing Exponentiations Really are Constant-Time,” in Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, 2016, vol. 24-28-Octo, pp. 1639–1650.

[27] D. Gruss, C. Maurice, K. Wagner, and S. Mangard, “Flush+Flush: A Fast and Stealthy Cache Attack,” 2016, pp. 279–299.

[28] G. Didier and C. Maurice, “Calibration Done Right: Noiseless Flush+Flush Attacks,” 2021, pp. 278–298.

[29] A. Saxena and B. Panda, “DABANGG : Time for Fearless Flush based Cache Attacks,” Cryptology ePrint Archive, no. Report 2020/637. 2020.

[30] A. Saxena and B. Panda, “DABANGG: A Case for Noise Resilient Flush-Based Cache Attacks,” in 2022 IEEE Security and Privacy Workshops (SPW), 2022, pp. 323–334.

[31] N. Zhang, K. Sun, D. Shands, W. Lou, and Y. T. Hou, “Truspy: Cache side-channel information leakage from the secure world on arm devices,” Cryptol. ePrint Arch., 2016.

[32] N. Zhang, K. Sun, D. Shands, W. Lou, and Y. T. Hou, “TruSense: Information Leakage from TrustZone,” in Proceedings - IEEE INFOCOM, 2018, vol. 2018-April, pp. 1097–1105.

[33] M. Lipp, D. Gruss, R. Spreitzer, C. Maurice, and S. Mangard, “Armageddon: Cache attacks on mobile devices,” Proceedings of the 25th USENIX Security Symposium. pp. 549–564, 2016.

[34] R. Guanciale, H. Nemati, C. Baumann, and M. Dam, “Cache Storage Channels: Alias-Driven Attacks and Verified Countermeasures,” in Proceedings - 2016 IEEE Symposium on Security and Privacy, SP 2016, 2016, pp. 38–55.

[35] “wolfSSL: Embedded SSL/TLS Library.” [Online]. Available: https://www.wolfssl.com/products/wolfssl/. [Accessed: 06-Sep-2022].

[36] M. Green, L. Rodrigues-Lima, A. Zankl, G. Irazoqui, J. Heyszl, and T. Eisenbarth, “AutoLock: Why cache attacks on arm are harder than you think,” Proceedings of the 26th USENIX Security Symposium. pp. 1075–1091, 2017.

[37] B. Lapid and A. Wool, “Navigating the samsung trustzone and cache-attacks on the keymaster trustlet,” in Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 2018, vol. 11098 LNCS, pp. 175–196.

[38] B. Lapid and A. Wool, “Cache-Attacks on the ARM TrustZone Implementations of AES-256 and AES-256-GCM via GPU-Based Analysis,” in Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 2019, vol. 11349 LNCS, pp. 235–256.

[39] V. Meraji and H. Soleimany, “Introducing a New Timing Attack on the ARM Processor and its Practical Implementation on the Raspberrypi3 Board,” J. Electron. Cyber Def., vol. 8, no. 1, pp. 125–132, 2020. (In Persian).https://dor.isc.ac/dor/20.1001.1.23224347.1399.8.1.10.0

[40] M. Esfahani, H. Soleimany, and M. R. Aref, “Enhanced cache attack on AES applicable on ARM-based devices with new operating systems,” Comput. Networks, vol. 198, 2021.

[41] H. Lee, S. Jang, H.-Y. Kim, and T. Suh, “Hardware-Based FLUSH+RELOAD Attack on Armv8 System via ACP,” in 2021 International Conference on Information Networking (ICOIN), 2021, pp. 32–35.

[42] G. Haas, S. Potluri, and A. Aysu, “ITimed: Cache Attacks on the Apple A10 Fusion SoC,” Proceedings of the 2021 IEEE International Symposium on Hardware Oriented Security and Trust, HOST 2021. pp. 80–90, 2021.

[43] A. Mirghadri and H. Bagheri, “Side Channel Analysis of International Data Encryption Algorithm (IDEA),” J. Electron. Cyber Def., vol. 7, no. 4, pp. 51–57, 2020. (In Persian).

[44] H. Momeni and M. A. Taheri, “Time Analysis Attack on a Stream Cipher Algorithm’s,” J. Electron. Cyber Def., vol. 4, no. 1, pp. 51–57, 2016. (In Persian).https://dor.isc.ac/dor/20.1001.1.23224347.1395.4.1.5.7

[45] M. Lipp et al., “PLATYPUS: Software-based power side-channel attacks on x86,” Proceedings - IEEE Symposium on Security and Privacy, vol. 2021-May. pp. 355–371, 2021.

[46] P. C. Kocher, “Timing Attacks on Implementations of Diffie-Hellman,” CRYPTO - Annual International Cryptology Conference. pp. 104–113, 1996.

[47] M. Lipp et al., “Meltdown: Reading kernel memory from user space,” in 27th USENIX Security Symposium (USENIX Security 18), 2018, pp. 973–990.

[48] P. Kocher et al., “Spectre attacks: Exploiting speculative execution,” Proceedings - IEEE Symposium on Security and Privacy, vol. 2019-May. pp. 1–19, 2019.

[49] C. Canella et al., “A systematic evaluation of transient execution attacks and defenses,” Proc. 28th USENIX Secur. Symp., pp. 249–266, 2019.

[50] D. Ryu, Y. Kim, and J. Hur, “Gamma-Knife: Extracting Neural Network Architecture Through Software-Based Power Side-Channel,” IEEE Trans. Dependable Secur. Comput., pp. 1–17, 2023.

[51] B. Gulmezoglu, A. Moghimi, T. Eisenbarth, and B. Sunar, “FortuneTeller: Predicting Microarchitectural Attacks via Unsupervised Deep Learning,” arXiv Prepr. arXiv1907.03651, vol., no., p. 16, Jul. 2019.

[52] M. Mollazadeh, H. Lashkarian, M. Sheikh Mohammadi, and K. Mirzaei, “Evaluation Model of Vulnerabilities of Network Centric Warfare Based on Hierarchical Analysis Process,” J. Command Control, vol. 2, no. 1, p. 25, 2019. (In Persian)

[53] “Common Vulnerability Scoring System.” [Online]. Available: https://www.first.org/cvss/. [Accessed: 14-Sep-2023].

[54] “CVSS v4.0 Specification Document.” [Online]. Available: https://www.first.org/cvss/v4.0/specification-document. [Accessed: 25-Jan-2024].

[55] X. Lou, T. Zhang, J. Jiang, and Y. Zhang, “A Survey of Microarchitectural Side-channel Vulnerabilities, Attacks, and Defenses in Cryptography,” ACM Comput. Surv., vol. 54, no. 6, pp. 1–37, Jul. 2022.

[56] L. Wang, Z. Zhu, Z. Wang, and D. Meng, “Colored Petri Net Based Cache Side Channel Vulnerability Evaluation,” IEEE Access, vol. 7, pp. 169825–169843, 2019.