可信执行环境软件侧信道攻击研究综述
作者:
作者单位:

作者简介:

通讯作者:

张倩颖,E-mail:qyzhang@cnu.edu.cn

基金项目:

国家自然科学基金(61802375,61602325,61876111,61877040);北京市教委科技计划一般项目(KM20190028005);中国科学院计算技术研究所计算机体系结构国家重点实验室开放课题(CARCH201920);交叉科学研究院项目(19530012005)


Survey on Software Side-Channel Attacks in Trusted Execution Environment
Author:
Affiliation:

Fund Project:

  • 摘要
  • |
  • 图/表
  • |
  • 访问统计
  • |
  • 参考文献
  • |
  • 相似文献
  • |
  • 引证文献
  • |
  • 资源附件
    摘要:

    为保护计算设备中安全敏感程序运行环境的安全,研究人员提出了TEE技术,通过对硬件和软件进行隔离为安全敏感程序提供一个与通用计算环境隔离的安全运行环境.侧信道攻击从传统的需要昂贵设备发展到现在仅基于微体系结构状态就能通过软件方式获取机密信息的访问模式,从而进一步推测出机密信息.TEE架构仅提供隔离机制,无法抵抗这类新出现的软件侧信道攻击.深入调研了ARM TrustZone、Intel SGX和AMD SEV三种TEE架构的软件侧信道攻击及相应防御措施,并探讨其攻击和防御机制的发展趋势.首先,介绍了ARM TrustZone、Intel SGX和AMD SEV的基本原理,并详细阐述了软件缓存侧信道攻击的定义、分类以及实际的侧信道攻击方法和步骤;之后从处理器指令执行的角度,提出一种TEE攻击面分类方法,利用该方法对TEE软件侧信道攻击进行分类,并阐述了软件侧信道攻击与其它攻击相结合的组合攻击;然后详细讨论TEE软件侧信道攻击的威胁模型;最后全面总结业界对TEE软件侧信道攻击的防御措施,并从攻击和防御两方面探讨TEE软件侧信道攻击未来的研究趋势.

    Abstract:

    In order to protect the security of the execution environment of security-sensitive programs in computing devices, researchers have proposed the TEE technology, which provides a secure execution environment for security-sensitive programs that is isolated from the rich computing environment by isolating hardware and software. Side-channel attacks have evolved from traditionally requiring expensive equipment to now inferring confidential information using its access mode obtained basing only on microarchitecture states through software. The TEE architecture only provides an isolation mechanism and cannot resist this type of emerging software side-channel attacks. This paper thoroughly investigates the software side-channel attacks and corresponding countermeasures of the three TEE architectures of ARM TrustZone, Intel SGX and AMD SEV, and discusses the development trend of their attacks and defense mechanisms. First, we introduce the basic principles of ARM TrustZone, Intel SGX and AMD SEV, and elaborate on the definition and classification of software cache side-channel attacks, as well as the practical side-channel attack methods and steps. Second, from the perspective of processor instruction execution, we propose a TEE attack surface classification method, use this method to classify TEE software side-channel attacks, and explain the attacks combining software side-channel attacks and other attacks. Third, we discuss the threat model of TEE software side-channel attacks in detail. Finally, we comprehensively summarize the industry's countermeasures against TEE software side-channel attacks, and discuss some future research trends of TEE software side-channel attacks from two aspects of attack and defense.

    参考文献
    相似文献
    引证文献
引用本文

杨帆,张倩颖,施智平,关永.可信执行环境软件侧信道攻击研究综述.软件学报,,():0

复制
分享
文章指标
  • 点击次数:
  • 下载次数:
历史
  • 收稿日期:2021-03-07
  • 最后修改日期:2021-05-31
  • 录用日期:
  • 在线发布日期: 2021-10-20
您是第位访问者
版权所有:中国科学院软件研究所 京ICP备05046678号-3
地址:北京市海淀区中关村南四街4号,邮政编码:100190
电话:010-62562563 传真:010-62562533 Email:jos@iscas.ac.cn
技术支持:北京勤云科技发展有限公司

京公网安备 11040202500063号