NDSS 2025 – A Systematic Evaluation Of Novel And Existing Cache Side Channels
This paper systematically evaluates existing and novel cache side-channel attack techniques, including four classic techniques such as Flush+Reload and Prime+Probe and three newly proposed attacks (Demote+Reload, Demote+Demote, DemoteContention), and compares their performance along multiple dimensions. The results show that the new attacks perform better in some respects, and demonstrate their potential for use in cross-core attacks.

2025-12-13 16:0:0 Author: securityboulevard.com

Session 5D: Side Channels 1

Authors, Creators & Presenters: Fabian Rauscher (Graz University of Technology), Carina Fiedler (Graz University of Technology), Andreas Kogler (Graz University of Technology), Daniel Gruss (Graz University of Technology)
PAPER
A Systematic Evaluation Of Novel And Existing Cache Side Channels
CPU caches are among the most widely studied side-channel targets, with Prime+Probe and Flush+Reload being the most prominent techniques. These generic cache attack techniques can leak cryptographic keys, user input, and are a building block of many microarchitectural attacks. In this paper, we present the first systematic evaluation using 9 characteristics of the 4 most relevant cache attacks, Flush+Reload, Flush+Flush, Evict+Reload, and Prime+Probe, as well as three new attacks that we introduce: Demote+Reload, Demote+Demote, and DemoteContention. We evaluate hit-miss margins, temporal precision, spatial precision, topological scope, attack time, blind spot length, channel capacity, noise resilience, and detectability on recent Intel microarchitectures. Demote+Reload and Demote+Demote perform similar to previous attacks and slightly better in some cases, e.g., Demote+Reload has a 60.7 % smaller blind spot than Flush+Reload. With 15.48 Mbit/s, Demote+Reload has a 64.3 % higher channel capacity than Flush+Reload. We also compare all attacks in an AES T-table attack and compare Demote+Reload and Flush+Reload in an inter-keystroke timing attack. Beyond the scope of the prior attack techniques, we demonstrate a KASLR break with Demote+Demote and the amplification of power side-channel leakage with Demote+Reload. Finally, Sapphire Rapids and Emerald Rapids CPUs use a non-inclusive L3 cache, effectively limiting eviction-based cross-core attacks, e.g., Prime+Probe and Evict+Reload, to rare cases where the victim’s activity reaches the L3 cache. Hence, we show that in a cross-core attack, DemoteContention can be used as a reliable alternative to Prime+Probe and Evict+Reload that does not require reverse-engineering of addressing functions and cache replacement policy.
ABOUT NDSS
The Network and Distributed System Security Symposium (NDSS) fosters information exchange among researchers and practitioners of network and distributed system security. The target audience includes those interested in practical aspects of network and distributed system security, with a focus on actual system design and implementation. A major goal is to encourage and enable the Internet community to apply, deploy, and advance the state of available security technologies.

Our thanks to the Network and Distributed System Security (NDSS) Symposium for publishing their Creators, Authors and Presenter’s superb NDSS Symposium 2025 Conference content on the Organizations’ YouTube Channel.


*** This is a Security Bloggers Network syndicated blog from Infosecurity.US authored by Marc Handelman. Read the original post at: https://www.youtube-nocookie.com/embed/tm89r_XG1bQ?si=GR8fZqnzD7VyOiVj


Article source: https://securityboulevard.com/2025/12/ndss-2025-a-systematic-evaluation-of-novel-and-existing-cache-side-channels/