
Processor transient attack defense method based on cache random invalidation

A cache management and caching technology, which is applied in the computer field, can solve problems such as changes in the cache layout and difficulty for attackers to accurately detect the cache layout, and achieve the effect of preventing secret values

Active Publication Date: 2020-06-09
INST OF COMPUTING TECH CHINESE ACAD OF SCI

AI Technical Summary

Problems solved by technology

The main problem of this type of attack is that the attacker uses out-of-bounds speculative execution to change the cache layout, and then obtains the secret through side channel detection.
Therefore, it is necessary to improve the existing technology so that it is difficult for attackers to accurately detect the change of cache layout caused by out-of-bounds speculative execution, thereby improving the security of the processor.


Embodiment Construction

[0036] In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be further described in detail below through specific embodiments in conjunction with the accompanying drawings. It should be understood that the specific embodiments described here are only used to explain the present invention, not to limit the present invention.

[0037] As mentioned in the background section, modern processors have hardware vulnerabilities, and the processor's cache architecture needs to be modified to better defend against attacks such as Meltdown and Spectre. The main problem of this type of attack is that the attacker uses out-of-bounds speculative execution to change the cache layout, and then obtains the secret through side-channel detection. For example, see Figure 2: the attacker loads the data block (the secret value can be deduced through its address, because the address is the secret value m...


Abstract

The embodiment of the invention provides a cache management method. The method comprises the following steps: in response to a memory access request, a data block containing the data required by a speculative memory-access load instruction is loaded into a common cache, and the following operations are executed when a cached data block of the common cache is evicted from the common cache by the data block loaded by the speculative load instruction: the evicted data block is loaded into a shadow cache of the same cache level; and an interference cache line is randomly selected from all cache lines of the common cache, the data block of the interference cache line is written into a next-level storage medium, and the interference cache line is then invalidated. According to the invention, an attacker can be prevented from using a speculative load instruction to evict a specific data block from a given cache level, so that the access speed observed by the attacker is prevented from changing; in addition, because the interference cache line is randomly selected and invalidated, the access speed of the data block of the interference cache line changes, which interferes with the attacker, so that a secret value can be effectively prevented from being detected by a side-channel attack.
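The replacement policy described in the abstract, modelled as a small C simulation (an added example, not code from the patent). The direct-mapped geometry, the FIFO shadow cache, `rand()` as the random source, counting a write-back only for a valid line, and all identifiers are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#define LINES  8   /* assumed: tiny direct-mapped "common" cache */
#define SHADOW 4   /* assumed: shadow-cache capacity, FIFO-replaced */

typedef struct { int valid; uint32_t blk; } line_t;
typedef struct {
    line_t common[LINES], shadow[SHADOW];
    int shadow_next;      /* next shadow slot to overwrite */
    unsigned writebacks;  /* blocks written to the next level */
} cache_t;

int in_common(const cache_t *c, uint32_t blk) {
    const line_t *l = &c->common[blk % LINES];
    return l->valid && l->blk == blk;
}

int in_shadow(const cache_t *c, uint32_t blk) {
    for (int i = 0; i < SHADOW; i++)
        if (c->shadow[i].valid && c->shadow[i].blk == blk) return 1;
    return 0;
}

/* Speculative load of block blk. Returns the index of the interference
 * line that was invalidated, or -1 when the load evicted nothing. */
int spec_load(cache_t *c, uint32_t blk) {
    line_t *l = &c->common[blk % LINES];
    if (l->valid && l->blk == blk) return -1;        /* hit */
    line_t victim = *l;
    l->valid = 1; l->blk = blk;                      /* fill */
    if (!victim.valid) return -1;                    /* cold fill */
    c->shadow[c->shadow_next] = victim;              /* keep victim at this level */
    c->shadow_next = (c->shadow_next + 1) % SHADOW;
    int r = rand() % LINES;  /* stand-in for a hardware random source */
    if (c->common[r].valid) c->writebacks++;         /* write to next level */
    c->common[r].valid = 0;                          /* then invalidate */
    return r;
}

int main(void) {
    cache_t c = {0};
    for (uint32_t b = 0; b < LINES; b++) spec_load(&c, b);  /* warm up */
    int r = spec_load(&c, 3 + LINES);                /* evicts block 3 */
    printf("victim in shadow=%d, interference line=%d, writebacks=%u\n",
           in_shadow(&c, 3), r, c.writebacks);
    return 0;
}
```

The evicted block stays resident at the same level through the shadow cache, while the line that actually disappears is chosen at random from the whole common cache and may even be the line that was just filled.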

Description

Technical field

[0001] The present invention relates to the field of computer technology, in particular to a mechanism and technology for improving processor security, and more specifically to a method for defending against transient attacks on a processor based on random cache invalidation.

Background

[0002] For optimal processor performance, the memory must be able to keep up with the speed of the processor. That is, when the processor is executing instructions, we don't expect it to stall execution while waiting for instructions or operands. Therefore, a cache is introduced between the registers and main memory of modern processors. In this way, a computer's memory is organized into a hierarchy. The topmost layer (the layer closest to the processor) is the registers in the processor, followed by one or more levels of cache; when a multi-level cache is used, the first-, second-, and third-level caches are usually labeled L1, L2, L3, etc., and below that is mai...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06F21/55, G06F12/0808, G06F12/0811, G06F12/084, G06F12/0842
CPC: G06F21/556, G06F12/0808, G06F12/0811, G06F12/084, G06F12/0842
Inventor 武成岗王喆唐博文贾力陈谢梦瑶
Owner INST OF COMPUTING TECH CHINESE ACAD OF SCI