Skip to main content
Springer Nature Link
Log in

A Survey on Cache Timing Channel Attacks for Multicore Processors

  • Published:
Journal of Hardware and Systems Security Aims and scope Submit manuscript

Abstract

Cache timing channel attacks has attained a lot of attention in the last decade. These attacks exploits the timing channel created by the significant time gap between cache and main memory accesses. It has been successfully implemented to leak the secret key of various cryptography algorithms. The latest advancements in cache attacks also exploit other micro-architectural components such as hardware prefetchers, branch predictor, and replacement engine, in addition to the cache memory. Detection of these attacks is a difficult task as the attacker process running in the processor must be detected before significant portion of the attack is complete. The major challenge for mitigation and defense mechanisms against these attacks is maintaining the system performance while disabling or avoiding these attacks. The overhead caused by detection, mitigation and defense mechanism must not be significant to system’s performance. This paper discusses the research carried out in three aspects of cache security: cache timing channel attacks, detection techniques of these attacks, and defense mechanisms in details.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3

Similar content being viewed by others

References

  1. Percival C (2005) Cache Missing For Fun And Profit. In In Proc. of BSDCan

  2. Rijmen V, Daemen J (2001) Advanced Encryption Standard. Federal Information Processing Standards Publications, National Institute of Standards and Technology 19–22

    MATH  Google Scholar 

  3. Rivest RL, Shamir A, Adleman LA (1978) Method for Obtaining Digital Signatures and Public-key Cryptosystems. Communications of the ACM 21(2):120–126

    Article  MathSciNet  Google Scholar 

  4. Johnson D, Menezes A, Vanstone S (2001) The elliptic curve digital signature algorithm. International journal of information security 1(1):36–63

    Article  Google Scholar 

  5. Acıiçmez O, Koç ÇK (2006) Trace-Driven Cache Attacks on AES (Short Paper). In Information and Communications Security, pp 112–121

  6. Gullasch D, Bangerter E, Krenn S (2011) Cache Games–Bringing Access-Based Cache Attacks on AES to Practice. In IEEE Symp. on Security and Privacy, pp 490–505

  7. Biswas AK (2018) Efficient Timing Channel Protection for Hybrid (Packet/Circuit-Switched) Network-on-Chip. Transactions on Parallel and Distributed Systems 29(5):1044–1057

    Article  Google Scholar 

  8. Vashist A, Keats A, Pudukotai Dinakarrao SM, Ganguly A (2019) Securing a Wireless Network-on-Chip Against Jamming-Based Denial-of-Service and Eavesdropping Attacks. Transactions on Very Large Scale Integration 27(12):2781–2791

    Article  Google Scholar 

  9. Kocher P, Horn J, Fogh A, Genkin D, Gruss D, Haas W, Hamburg M, Lipp M, Mangard S, Prescher T, Schwarz M, Yarom Y (2019) Spectre Attacks: Exploiting Speculative Execution. In 40th Symp. on Security and Privacy

  10. Lipp M, Schwarz M, Gruss D, Prescher T, Haas W, Fogh A, Horn J, Mangard S, Kocher P, Genkin D, Yarom Y, Hamburg M (2018) Meltdown: Reading Kernel Memory from User Space. In 27th USENIX Security Symposium

  11. Evtyushkin D, Ponomarev D, Abu-Ghazaleh N (2016) Understanding and Mitigating Covert Channels Through Branch Predictors. Transaction on Architecture and Code Optimization 13(1)

    Article  Google Scholar 

  12. Vougioukas I, Nikoleris N, Sandberg A, Diestelhorst S, Al-Hashimi BM, Merrett GV (2019) BRB: Mitigating Branch Predictor Side-Channels. In High Performance Computer Architecture, pp 466–477

  13. Zhang T, Koltermann K, Evtyushkin D Exploring Branch Predictors for Constructing Transient Execution Trojans. p. 667-682

  14. Ge Q, Yarom Y, Cock D, Heiser GA (2018) survey of microarchitectural timing attacks and countermeasures on contemporary hardware. Journal of Cryptographic Engineering 8(1):1–27

    Article  Google Scholar 

  15. Lyu Y, Mishra PA (2018) survey of side-channel attacks on caches and countermeasures. Journal of Hardware and Systems Security 2(1):33–50

    Article  Google Scholar 

  16. Kim T, Peinado M, Mainar-Ruiz G (2012) STEALTHMEM: System-level Protection Against Cache-based Side Channel Attacks in the Cloud. In Presented as part of the 21st \(\{\)USENIX\(\}\) Security Symposium (\(\{\)USENIX\(\}\) Security 12), pp 189–204

  17. Kong J, Aciicmez O, Seifert JP, Zhou H (2008) Deconstructing New Cache Designs for Thwarting Software Cache-based Side Channel Attacks. In 2nd ACM workshop on Computer security architectures, pp 25–34

  18. Osvik DA, Shamir A, Tromer E (2006) Cache Attacks and Countermeasures: The Case of AES. In Cryptographers-track at the RSA conference, pp 1–20

  19. Das S, Kapoor HK (2016) A framework for block placement, migration, and fast searching in tiled-dnuca architecture. ACM Trans Des Autom Electron Syst 22, 1 

    Article  Google Scholar 

  20. Huh J, Kim C, Shafi H, Zhang L, Burger D, Keckler SW (2005) A NUCA Substrate for Flexible CMP Cache Sharing. In Intl. Conf. on Supercomputing, p 31-40

  21. Irazoqui G, Eisenbarth T, Sunar B (2015) S$A: A Shared Cache Attack That Works across Cores and Defies VM Sandboxing – and Its Application to AES. In IEEE Symp. on Security and Privacy, pp 591–604

  22. Vila P, Köpf B, Morales JF (2018) Theory and Practice of Finding Eviction Sets. arXiv preprint:1810.01497

  23. Page D (2002) Theoretical Use of Cache Memory as a Cryptanalytic Side-Channel. IACR Cryptology ePrint Archive, 169

  24. 5200.28-STD, D. Trusted Computer System Evaluation Criteria. Dod Computer Security Center, 1985

  25. Ashokkumar C, Venkatesh MBS, Giri RP, Roy B, Menezes B (2019) An Error-Tolerant Approach for Efficient AES Key Retrieval in the Presence of CachePrefetching-Experiments, Results, Analysis. Sādhanā 44(4): 88

    Article  MathSciNet  Google Scholar 

  26. Bernstein DJ (2005) Cache-Timing Attacks on AES

  27. Percival C (2005) Cache Missing for Fun and Profit, 2005

  28. Neve M, Seifert JP (2006) Advances on Access-Driven Cache Attacks on AES. In Intl. Workshop on Selected Areas in Cryptography, pp 147–162

  29. Brickell E, Graunke G, Seifert JP (2006) Mitigating Cache/Timing based Side-Channels in AES and RSA Software Implementations. In RSA Conf. session DEV-203

  30. Yarom Y, Genkin D, Heninger N (2017) CacheBleed: A Timing Attack on OpenSSL Constant-Time RSA. Journal of Cryptographic Engineering 7(2):99–112

    Article  Google Scholar 

  31. Montgomery PL (1987) Speeding the Pollard and Elliptic Curve Methods of Factorization. Mathematics of computation 48(177):243–264

    Article  MathSciNet  Google Scholar 

  32. Hu WM (1992) Lattice Scheduling and Covert Channels. In Security and Privacy, p 52

  33. Tsunoo Y, Saito T, Suzaki T, Shigeri M, Miyauchi H (2003) Cryptanalysis of DES Implemented on Computers with Cache. In Intl. Workshop on Cryptographic Hardware and Embedded Systems, pp 62–76

  34. Yarom Y, Falkner K (2014) FLUSH+ RELOAD: A High Resolution, Low Noise, L3 Cache Side-Channel Attack. In 23rd \(\{\)USENIX\(\}\) Security Symp, pp 719–732

  35. Acıiçmez O, Schindler W, Koç ÇK (2007) Cache Based Remote Timing Attack on the AES. In Cryptographers-track at the RSA conference, pp 271–286

  36. Bhattacharya S, Rebeiro C, Mukhopadhyay D (2012) Hardware Prefetchers Leak: A Revisit of SVF for Cache-Timing Attacks. In 45th Annual Intl. Symp. on Microarchitecture Workshops, pp 17–23

  37. Fu JWC, Patel JH, Janssens BL (1992) Stride Directed Prefetching in Scalar Processors. In 25th Annual Intl Symp on Microarchitecture, pp 102–110

  38. Cronin P, Yang C (2019) A Fetching Tale: Covert Communication with the Hardware Prefetcher. In Intl. Symp. on Hardware Oriented Security and Trust, pp 101–110

  39. Evtyushkin D, Ponomarev D, Abu-Ghazaleh N (2016) Understanding and Mitigating Covert Channels Through Branch Predictors. ACM Transactions on Architecture and Code Optimization 13, 1–23

    Article  Google Scholar 

  40. Gruss D, Maurice C, Wagner K, Mangard S (2016) Flush+ Flush: A Fast and Stealthy Cache Attack. In Intl. Conf. on Detection of Intrusions and Malware, and Vulnerability Assessment, pp 279–299

  41. Wang Z, Lee RB (2006) Covert and side channels due to processor architecture. In 22nd Annual Computer Security Applications Conference, pp 473–482

  42. Shin Y, Kim HC, Kwon D, Jeong JH, Hur J (2018) Unveiling Hardware-based Data Prefetcher, A Hidden Source of Information Leakage. In Computer and Communications Security, pp 131–145

  43. Briongos S, Malagón P, Moya JM, Eisenbarth T (2019) RELOAD+ REFRESH: Abusing Cache Replacement Policies to Perform Stealthy Cache Attacks. arXiv preprint:1904.06278

  44. Briongos S, Irazoqui G, Malagón P, Eisenbarth T (2018) CacheShield: Detecting Cache Attacks Through Self-Observation. In 8th ACM Conf. on Data and Application Security and Privacy, pp 224–235

  45. Chiappetta M, Savas E, Yilmaz C (2016) Real Time Detection of Cache-based Side-channel Attacks Using Hardware Performance Counters. Appl Soft Comput 49, 1162–1174

    Article  Google Scholar 

  46. Kulah Y, Dincer B, Yilmaz C, Savas E (2019) SpyDetector: An Approach for Detecting Side-channel Attacks at Runtime. Intl. Journal of Information Security 18 (4):393–422

    Article  Google Scholar 

  47. Payer M (2016) HexPADS: A Platform to Detect Stealth Attacks. In 8th Intl. Symp. on Engineering Secure Software and Systems, pp 138–154

  48. Zhang T, Zhang Y, Lee R Cloudradar: A Real-Time Side-Channel Attack Detection System in Clouds. pp. 118–140

  49. Xiong W, Szefer J (2020) Leaking Information Through Cache LRU States. High Performance Computer Architecture, 139–152

  50. Agarwal A, Kaur J, Das S (2021) Exploiting secrets by leveraging dynamic cache partitioning of last level cache. In Design, Automation Test in Europe Conference Exhibition (DATE)

  51. Conway P, Kalyanasundharam N, Donley G, Lepak K, Hughes B (2010) Cache Hierarchy and Memory subsystem of the AMD Opteron Processor. IEEE MICRO 30(2):16–29

    Article  Google Scholar 

  52. Yao F, Doroslovacki M, Venkataramani G (2018) Are Coherence Protocol States Vulnerable to Information Leakage? In Intl. Symp. on High Performance Computer Architecture, pp 168–179

  53. Yao F, Doroslovački M, Venkataramani G (2019) Covert Timing Channels Exploiting Cache Coherence Hardware: Characterization and Defense. Intl J Parallel Prog 47(4):595–620

    Article  Google Scholar 

  54. Barresi A, Razavi K, Payer M, Gross TR (2015) \(\{\)CAIN\(\}\): Silently breaking \(\{\)ASLR\(\}\) in the cloud. In 9th \(\{\)USENIX\(\}\) Workshop on Offensive Technologies

  55. Waldspurger CA (2002) Memory Resource Management in VMware ESX Server. ACM SIGOPS Operating Systems Review 36:181–194

    Article  Google Scholar 

  56. Hornby T (2017) Side-Channel Attacks on Everyday Applications: Distinguishing Inputs with FLUSH+ RELOAD

  57. Poppler, a PDF Rendering Library. https://github.com/freedesktop/poppler

  58. Allaf Z, Adda M, Gegov A (2018) ConfMVM: A Hardware-Assisted Model to Confine Malicious VMs. In UKSim-AMSS 20th Intl. Conf. on Computer Modelling and Simulation, pp 49–54

  59. Alam M, Bhattacharya S, Mukhopadhyay D, Bhattacharya S (2017) Performance Counters to Rescue: A Machine Learning based Safeguard against Micro-architectural Side-Channel-Attacks. IACR Cryptol. ePrint Arch. 2017:564

    Google Scholar 

  60. Demme J, Maycock M, Schmitz J, Tang A, Waksman A (2013) Sethumadhavan, S., and Stolfo, S. On the Feasibility of Online Malware Detection with Performance Counters. Computer Architecture News 41(3):559–570

    Article  Google Scholar 

  61. Tank D, Aggarwal A, Chaubey N (2019) Cache Attack Detection in Virtualized Environments. J Inform Optim Sci 40(5):1109–1119

    Article  MathSciNet  Google Scholar 

  62. Allaf Z, Adda M, Gegov A (2019) Malicious Loop Detection Using Support Vector Machine. In Intl. Symp. on INnovations in Intelligent SysTems and Applications, pp 1–6

  63. Zheng B, Gu J, Weng C (2019) CBA-Detector: An Accurate Detector Against Cache-Based Attacks Using HPCs and Pintools. In 13th Intl. Symp. of Advanced Parallel Processing Technologies,11719:109–122

  64. Mushtaq M, Akram A, Khurram Bhatti M, Ali U, Lapotre V, Gogniat G (2019) Sherlock Holmes of Cache Side-Channel Attacks in Intel’s x86 Architecture. In Communications and Network Security, pp 1–9

  65. Khan S, Mururu G, Pande SA (2020) Compiler Assisted Scheduler for Detecting and Mitigating Cache-Based Side Channel Attacks,

  66. Peng Sh, Zhou QF, Zhao JL (2018) Detection of Cache-based Side Channel Attack Based on Performance Counters. DEStech Transac Comput Sci Eng Electr Eng, aiie

  67. Bazm MM, Sautereau T, Lacoste M, Sudholt M, Menaud JM (2018) Cache-Based Side-Channel Attacks Detection Through Intel Cache Monitoring Technology and Hardware Performance Counters. In 3rd Intl. Conf. on Fog and Mobile Edge Computing, pp 7–12

  68. Fuchs A, Lee RB (2015) Disruptive Prefetching: Impact on Side-Channel Attacks and Cache Designs. In 8th ACM Intl Systems and Storage Conference, p 14

  69. Fang H, Dayapule SS, Yao F, Doroslovački M, Venkataramani G (2018) Prefetch-guard: Leveraging Hardware Prefetches to Defend against Cache Timing Channels. In Intl. Symp. on Hardware Oriented Security and Trust, pp 187–190

  70. Fang H, Dayapule SS, Yao F, Doroslovački M, Venkataramani G (2019) Prodact: Prefetch-obfuscator to Defend against Cache Timing Channels. Intl. Journal of Parallel Programming 47(4):571–594

    Article  Google Scholar 

  71. Wang Z, Lee RB (2007) New Cache Designs for Thwarting Software Cache-based Side Channel Attacks. SIGARCH Comput Archit News 35(2):494–505

    Article  Google Scholar 

  72. Kong J, Aciiçmez O, Seifert JP, Zhou H (2009) Hardware-Software Integrated Approaches to Defend against Software Cache-based Side Channel Attacks. In 15th Intl. Symp. on High Performance Computer Architecture, pp 393–404

  73. Domnitser L, Jaleel A, Loew J, Abu-Ghazaleh N, Ponomarev D (2012) Non-Monopolizable Caches: Low-Complexity Mitigation of Cache Side Channel Attacks. Transactions on Architecture and Code Optimization 8(4):1–21

    Article  Google Scholar 

  74. Kong J, Aciicmez O, Seifert JP, Zhou H (2012) Architecting Against Software Cache-Based Side-Channel Attacks. IEEE Transactions on Computers 62(7):1276–1288

    Article  MathSciNet  Google Scholar 

  75. Wang Z, Lee RB (2008) A Novel Cache Architecture with Enhanced Performance and Security. In 41st Intl. Symp. on Microarchitecture, pp 83–93

  76. Qureshi MK (2018) CEASER: Mitigating Conflict-based Cache Attacks via Encrypted-Address and Remapping. In 51st Intl. Symp. on Microarchitecture, pp 775–787

  77. Yan M, Sprabery R, Gopireddy B, Fletcher C, Campbell R, Torrellas J (2019) Attack Directories, not Caches: Side Channel Attacks in a Non-Inclusive World. Attack Directories. Side Channel Attacks in a Non-Inclusive World, Not Caches

    Google Scholar 

  78. Bodduna R, Ganesan V, SLPSK P, Veezhinathan K, Rebeiro C (2020) Brutus: Refuting the Security Claims of the Cache Timing Randomization Countermeasure Proposed in CEASER. Computer Architecture Letters 19(1): 9–12

  79. Liu F, Yarom Y, Ge Q, Heiser G, Lee RB (2015) Last-Level Cache Side-Channel Attacks are Practical. In Symp on Security and Privacy, pp 605–622

  80. Ferdman M, Adileh A, Kocberber O, Volos S, Alisafaee M, Jevdjic D, Kaynak C, Popescu AD, Ailamaki A, Falsafi B (2012) Clearing the Clouds: A Study of Emerging Scale-Out Workloads on Modern Hardware. Acm Sigplan Notices 47(4): 37–48

    Article  Google Scholar 

  81. LLC M TPC-C. http://www.tpc.org/tpcc/default.asp

  82. Werner M, Unterluggauer T, Giner L, Schwarz M, Gruss D, Mangard S (2019) ScatterCache: Thwarting Cache Attacks via Cache Set Randomization. In 28th USENIX Security Symp, pp 675–692

  83. Seznec AA  (1993) Case for Two-Way Skewed-Associative Caches. ACM SIGARCH computer architecture news 21(2):169–178

    Article  Google Scholar 

  84. Bandara S,  Kinsy MA (2019) Adaptive Caches as a Defense Mechanism Against Cache Side-Channel Attacks. In 3rd ACM Workshop on Attacks and Solutions in Hardware Security Workshop, p 55-64

  85. Guide P (2011) Intel® 64 and IA-32 Architectures Software Developer-Manual. Volume 3B: System programming Guide, Part 2

  86. Intel C (2015) Improving Real-Time Performance by Utilizing Cache Allocation Technology. Intel Corporation, April

  87. Liu F, Ge Q, Yarom Y, Mckeen F, Rozas C, Heiser G, Lee RB (2016) Catalyst: Defeating Last-Level Cache Side Channel Attacks in Cloud Computing. In Intl. Symp. on High Performance Computer Architecture, pp 406–418

  88. Yao F, Fang H, Doroslovacki M, Venkataramani G COTSknight: Practical Defense against Cache Timing Channel Attacks using Cache Monitoring and Partitioning Technologies. In Hardware Oriented Security and Trust

  89. Gras B, Razavi K, Bos H, Giuffrida C (2018) Translation Leak-Aside Buffer: Defeating Cache Side-Channel Protections with \(\{\)TLB\(\}\) Attacks. In 27th \(\{\)USENIX\(\}\) Security Symp, pp 955–972

  90. Chen S, Liu F, Mi Z, Zhang Y, Lee RB, Chen H, Wang X (2018) Leveraging Hardware Transactional Memory for Cache Side-Channel Defenses. In Asia Conference on Computer and Communications Security, pp. 601–608

  91. Kayaalp M, Khasawneh KN, Esfeden HA, Elwell J, Abu-Ghazaleh N, Ponomarev D, Jaleel A (2017) RIC: Relaxed Inclusion Caches for Mitigating LLC Side-Channel Attacks. In 54th Design Automation Conference, pp 1–6

  92. Yan M, Choi J, Skarlatos D, Morrison A, Fletcher C, Torrellas J (2018) Invisispec: Making speculative execution invisible in the cache hierarchy. In 51st Annual IEEE/ACM International Symposium on Microarchitecture (MICRO), IEEE, pp 428–441

  93. Weisse O, Neal I, Loughlin K, Wenisch TF, Kasikci B (2019) Nda: Preventing speculative execution attacks at their source. In 52nd Annual IEEE/ACM International Symposium on Microarchitecture, pp 572–586

  94. Yu J, Yan M, Khyzha A, Morrison A, Torrellas J, Fletcher CW (2019) Speculative taint tracking (stt) a comprehensive protection for speculatively accessed data. In 52nd Annual IEEE/ACM International Symposium on Microarchitecture, pp. 954–968

  95. Shen C, Chen C, Zhang J (2021) Micro-architectural cache side-channel attacks and countermeasures. In 26th Asia and South Pacific Design Automation Conference pp 441–448

  96. Gruss D, Lipp M, Schwarz M, Fellner R, Maurice C, Mangard S (2017) Kaslr is dead: long live kaslr. In International Symposium on Engineering Secure Software and Systems, Springer, pp 161–176

  97. Alameldeen AR, Wood DA (2004) Adaptive Cache Compression for High-Performance Processors. In 31st Annual International Symposium on Computer Architecture, pp 212–223

  98. Pekhimenko G, Seshadri V, Mutlu O, Kozuch MA, Gibbons PB, Mowry TC (2012) Base-Delta-Immediate Compression: Practical Data Compression for On-Chip Caches. In 21st Intl. Conf. on Parallel Architectures and Compilation Techniques, pp 377–388

  99. Tsai PA, Sanchez A, Fletcher CW, Sanchez D (2020) Safecracker: Leaking Secrets through Compressed Caches. In 25th Intl. Conf. on Architectural Support for Programming Languages and Operating Systems, p 1125-1140

  100. Wang L, Zhu Z, Wang Z, Meng D (2019) Colored Petri Net Based Cache Side Channel Vulnerability Evaluation. IEEE Access 7, 169825–169843

    Article  Google Scholar 

  101. Brasser F, Müller U, Dmitrienko A, Kostiainen K, Capkun S, Sadeghi AR (2017) Software Grand Exposure:\(\{\)SGX\(\}\) Cache Attacks are Practical. In 11th \(\{\)USENIX\(\}\) Workshop on Offensive Technologies

  102. Inci MS, Gulmezoglu B, Irazoqui G, Eisenbarth T, Sunar B (2016) Cache Attacks Enable Bulk Key Recovery on the Cloud. In Intl. Conf. on Cryptographic Hardware and Embedded Systems, pp 368–388

  103. Moghimi A, Irazoqui G, Eisenbarth T (2017) Cachezoom: How SGX Amplifies the Power of Cache Attacks. In Intl. Conf. on Cryptographic Hardware and Embedded Systems, pp. 69–90

  104. Disselkoen C, Kohlbrenner D, Porter L, Tullsen D (2017) Prime+ abort: A timer-free high-precision l3 cache attack using intel \(\{\)TSX\(\}\). In 26th \(\{\)USENIX\(\}\) Security Symp, pp 51–67

  105. Zhang Y, Juels A, Reiter MK, Ristenpart T (2014) Cross-Tenant Side-Channel Attacks in PaaS Clouds. In Conf. on Computer and Communications Security, pp. 990–1003

  106. Götzfried J, Eckert M, Schinzel S, Müller T (2017) Cache Attacks on Intel SGX. In European Workshop on Systems Security, p 2

  107. Zhang Y, Juels A, Reiter MK, (2012) Ristenpart, T. Cross-VM Side Channels and their use to Extract Private Keys. In Proc. of Computer and communications security, pp. 305–316

  108. Oren Y, Kemerlis VP, Sethumadhavan S, Keromytis AD (2015) The Spy in the Sandbox: Practical Cache Attacks in javascript and their Implications. In Proc. of Computer and Communications Security, pp 1406–1418

  109. Aciiçmez O (2007) Yet Another Microarchitectural Attack: Exploiting I-Cache. In Computer security architecture, pp. 11–18

  110. Acıiçmez O, Schindler WA (2008) Vulnerability in RSA Implementations due to Instruction Cache Analysis and its Demonstration on OpenSSL. In Cryptographers-Track at the RSA Conference, pp 256–273

  111. Acıiçmez O, Brumley BB, Grabher P (2010) New Results on Instruction Cache Attacks. In Intl. Workshop on Cryptographic Hardware and Embedded Systems, pp 110–124

  112. Wang D, Qian Z, Abu-Ghazaleh N, Krishnamurthy SV (2019) PAPP: Prefetcher-Aware Prime and Probe Side-channel Attack. In 56th Annual Design Automation Conference, p 62

  113. Schwarz M, Weiser S, Gruss D, Maurice C, Mangard S (2017) Malware Guard Extension: Using SGX to Conceal Cache Attacks. In Intl. Conf. on Detection of Intrusions and Malware, and Vulnerability Assessment, pp 3–24

  114. Gruss D, Spreitzer R, Mangard S (2015) Cache Template Attacks: Automating Attacks on Inclusive Last-Level Caches. In 24th \(\{\)USENIX\(\}\) Security Symp, pp 897–912

  115. Irazoqui G, Inci MS, Eisenbarth T, Sunar B (2014) Wait a Minute! A Fast, Cross-VM Attack on AES. In Intl. Workshop on Recent Advances in Intrusion Detection, pp 299–319

  116. Gülmezoğlu B, Inci MS, Irazoqui G, Eisenbarth T, Sunar BA (2015) Faster and More Realistic Flush+Reload Attack on AES. In Intl Workshop on Constructive Side-Channel Analysis and Secure Design, pp 111–126

  117. Allan T, Brumley BB, Falkner K, Van de Pol J, Yarom Y (2016) Amplifying Side Channels Through Performance Degradation. In 32nd Annual Conf. on Computer Security Applications, pp 422–435

  118. Benger N, Van de Pol J, Smart NP, Yarom Y (2014) Ooh Aah... Just a Little Bit: A Small Amount of Side Channel Can Go a Long Way. In Intl. Workshop on Cryptographic Hardware and Embedded Systems, pp 75–92

  119. Van de Pol J, Smart NP, Yarom Y (2015) Just a Little Bit More. In Cryptographers-Track at the RSA Conf, pp 3–21

  120. Maurice C, Neumann C, Heen O, Francillon A (2015) C5: Cross-Cores Cache Covert Channel. In Detection of Intrusions and Malware, and Vulnerability Assessment, pp 46–64

  121. Watson DL (2009) Hey–Get Off My Cloud! In Intl. Conf. on Global Security, Safety, and Sustainability, pp 224–232

  122. Maurice C, Weber M, Schwarz M, Giner L, Gruss D, Boano CA, Mangard S,  Römer K (2017) Hello from the Other Side: SSH over Robust Cache Covert Channels in the Cloud. In NDSS, vol. 17 pp. 8–11

    Google Scholar 

  123. Moghimi A, Wichelmann J, Eisenbarth T, Sunar B (2019) Memjam: A False Dependency Attack against Constant-Time Crypto Implementations. Intl. Journal of Parallel Programming 47(4):538–570

    Article  Google Scholar 

  124. Jiang ZH, Fei YA (2017) Novel Cache Bank Timing Attack. In Intl. Conf. on Computer-Aided Design, pp. 139–146

  125. Irazoqui G, Eisenbarth T, Sunar B (2016) Cross Processor Cache Attacks. In 11th Asia conference on computer and communications security, pp 353–364

  126. Yarom Y, Benger N (2014) Recovering openssl ecdsa nonces using the flush+ reload cache side-channel attack. IACR Cryptol ePrint Arch 2014, 140

    Google Scholar 

  127. Mushtaq M, Akram A, Bhatti MK, Chaudhry M, Lapotre V, Gogniat G (2018) Nights-Watch: A Cache-Based Side-Channel Intrusion Detector using Hardware Performance Counters. In 7th Intl. Workshop on Hardware and Architectural Support for Security and Privacy, pp. 1–8

  128. Raj A, Dharanipragada J (2017) Keep the PokerFace on! Thwarting Cache Side Channel Attacks by Memory Bus Monitoring and Cache Obfuscation. Journal of Cloud Computing 6(1):28

    Article  Google Scholar 

  129. Paundu AW, Fall D, Miyamoto D, Kadobayashi Y (2018) Leveraging KVM Events to Detect Cache-Based Side Channel Attacks in a Virtualization Environment. Security and Communication Networks

  130. Tromer E, Osvik DA, Shamir A (2010) Efficient Cache Attacks on AES, and Countermeasures. J. Cryptol 23(1):37–71

    Article  MathSciNet  Google Scholar 

  131. Xu Y, Bailey M, Jahanian F, Joshi K, Hiltunen M, Schlichting R (2011) An Exploration of L2 Cache Covert Channels in Virtualized Environments. In 3rd workshop on Cloud computing security workshop, pp 29–40

  132. Wu Z, Xu Z, Wang H (2014) Whispers in the Hyper-Space: High-Bandwidth and Reliable Covert Channel Attacks inside the Cloud. Transactions on Networking 23(2):603–615

    Article  Google Scholar 

  133. Liu F, Lee RB (2014) Random Fill Cache Architecture. In 47th Intl. Symp. on Microarchitecture, pp 203–215

  134. Bonneau J, Mironov I (2006) Cache-collision timing attacks against aes. In International Workshop on Cryptographic Hardware and Embedded Systems, Springer, pp 201–215

Download references

Author information

Authors and Affiliations

  1. Indian Institute of Technology Ropar, Punjab, 140001, India

    Jaspinder Kaur & Shirshendu Das

Authors
  1. Jaspinder Kaur
    View author publications

    You can also search for this author inPubMed Google Scholar

  2. Shirshendu Das
    View author publications

    You can also search for this author inPubMed Google Scholar

Corresponding author

Correspondence to Shirshendu Das.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Kaur, J., Das, S. A Survey on Cache Timing Channel Attacks for Multicore Processors. J Hardw Syst Secur 5, 169–189 (2021). https://doi.org/10.1007/s41635-021-00115-3

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s41635-021-00115-3

Keywords