• Corpus ID: 233764990

Side-Channel Attacks on RISC-V Processors: Current Progress, Challenges, and Opportunities

@article{Ahmadi2021SideChannelAO,
  title={Side-Channel Attacks on RISC-V Processors: Current Progress, Challenges, and Opportunities},
  author={Mahya Morid Ahmadi and Faiq Khalid and Muhammad Akmal Shafique},
  journal={ArXiv},
  year={2021},
  volume={abs/2106.08877}
}
Side-channel attacks on microprocessors, like the RISC-V, exhibit security vulnerabilities that lead to several design challenges. Hence, it is imperative to study and analyze these security vulnerabilities comprehensively. In this paper, we present a brief yet comprehensive study of the security vulnerabilities in modern microprocessors with respect to side-channel attacks and their respective mitigation techniques. The focus of this paper is to analyze the hardware-exploitable side-channel… 

Figures from this paper

References

SHOWING 1-10 OF 34 REFERENCES

Protecting RISC-V against Side-Channel Attacks

This work made use of state of the art masking techniques and presented a novel solution to protect memory access against SCA by integrating side-channel analysis countermeasures into a RISC-V implementation, protecting against first-order power or electromagnetic attacks while keeping the implementation costs as low as possible.

Replicating and Mitigating Spectre Attacks on a Open Source RISC-V Microarchitecture

This work implements a preliminary hardware mitigation for Spectre attacks, demonstrates the value of the open-source RISC-V hardware ecosystem for secure hardware research, and demonstrates thevalue of the Berkeley Out-of-Order Machine for secureHardware research.

Survey of Microarchitectural Side and Covert Channels, Attacks, and Defenses

This survey extracts the key features of the processor’s microarchitectural functional units which make the channels possible, presents an analysis and categorization of the variety of microarch Architectural side and covert channels others have presented in literature, and surveys existing defense proposals.

A high-resolution side-channel attack on last-level cache

New techniques to achieve high-resolution tracking of the victim accesses to enable attacks on ciphers where critical events have a small cache footprint and it is shown that this attack frequently obtains an equal quality channel.

Meet the Sherlock Holmes’ of Side Channel Leakage: A Survey of Cache SCA Detection Techniques

A set of important characteristics are identified that can be used to characterize a CSCA (cache side channel attack) detection technique and some of the challenges the research community will have to resolve in future to improve the efficiency of cache side channel detection techniques.

ARMageddon: Cache Attacks on Mobile Devices

This work demonstrates how to solve key challenges to perform the most powerful cross-core cache attacks Prime+Probe, Flush+ Reload, Evict+Reload, and Flush-Flush on non-rooted ARM-based devices without any privileges.

A Survey of Side-Channel Attacks on Caches and Countermeasures

This paper surveys the widely used target encryption algorithms, the common attack techniques, and recent attacks that exploit the features of cache against the cloud computing and embedded systems, and surveys existing countermeasures at different abstraction levels.

Cache Attacks and Countermeasures: The Case of AES

An extremely strong type of attack is demonstrated, which requires knowledge of neither the specific plaintexts nor ciphertexts, and works by merely monitoring the effect of the cryptographic process on the cache.

How secure is your cache against side-channel attacks?

  • Zecheng HeRuby B. Lee
  • Computer Science, Mathematics
    2017 50th Annual IEEE/ACM International Symposium on Microarchitecture (MICRO)
  • 2017
A novel probabilistic information flow graph is proposed to model the interaction between the victim program, the attacker program and the cache architecture, and a new metric, the Probability of Attack Success (PAS), is derived, which gives a quantitative measure for evaluating a cache’s resilience against a given class of cache side-channel attacks.