A State Transition Based Cache Side Channel Attack Model

Abstract

Over the last decades, the Cache Side Channel Attack (CSCA) seriously threatens the security of user information, which repeatedly highlights the security of cache. Even though the secure cache design can mitigate or defend against this attack, the high design period and tap-out cost reduce the development of the specific designs. Therefore, many researchers focus on proposing a secure cache model to analyse the CSCA and simplify the secure design. Nowadays, the cache model can be divided into 1) Indicator analysis model; 2) Cache verify model; 3) Cache abstract model. However, most of these models focus on the establishment phase of CSCA, regardless of the usage phase of CSCA. On the other hand, the granularity of the cache model is either the entire cache or a single cache line, which can’t describe the cache behaviour in CSCA clearly. To overcome these limitations, we proposed a novel cache model based on state transition and gave a formal specification of CSCA by this model in this work. Firstly, we summarize 11 basic states of the cache set and point to the target state in the process of CSCA. Then we describe the CSCA from three aspects: pre-attack cost, state transition cost, and detection accuracy, which gives a more comprehensive analysis of CSCA.