Abstract

Cache attacks are widespread on microprocessors and multi-processor system-on-chips but have not yet spread to heterogeneous systems-on-chip such as SoC-FPGAs, which are found in an increasing number of applications on servers or in the cloud. This type of SoC has two parts: a processing system that includes hard components and ARM processor cores, and a programmable logic part that includes logic gates used to implement custom designs. The two parts communicate via memory-mapped interfaces. One of these interfaces is the accelerator coherency port, which provides optional cache coherency between the two parts. In this paper, we discuss the practicability and potential threat of inside-SoC cache attacks using the cache coherency mechanism of a complex heterogeneous SoC-FPGA. We provide proof of two cache timing attacks, Flush+Reload and Evict+Time, when an SoC-FPGA is targeted, and proof of hidden communication using a cache-based covert channel. The heterogeneous SoC-FPGA Xilinx Zynq-7010 is used as an experimental target.

Highlights

  • Due to the need to reduce the technology and to meet market demand, the heterogeneous system-on-chip (SoC) is becoming increasingly complex as it integrates more and more functionalities including processor cores, memory, third-party hardware IPs, and reconfigurable hardware (i.e., FPGA) for hardware acceleration

  • These physical quantities are widely exploited during side-channel analysis aimed at understanding the behavior of the circuits [2]

  • We present the malicious use of cache coherency between the processing system and the programmable logic part of the modern SoC-FPGA


Summary

Introduction

Due to the need to reduce the technology and to meet market demand, the heterogeneous system-on-chip (SoC) is becoming increasingly complex as it integrates more and more functionalities including processor cores, memory, third-party hardware IPs, and reconfigurable hardware (i.e., FPGA) for hardware acceleration. Most of the dynamic characteristics of both hardware and software implementations of cryptographic primitives can be used for side-channel analysis: computation time, cache and memory access time, power consumption, electromagnetic radiation, optical radiation, etc. These physical quantities are widely exploited during side-channel analysis aimed at understanding the behavior of the circuits (or in order to discover the secret information they contain, such as the secret keys required by the encryption/decryption process) [2]. Mastery of these two methods is the sine qua non condition for the implementation of a cache timing attack.

Related Works in SoC-FPGA
Experimental Platform and Design
First Condition
Second Condition
Experimental Proof of Two Cache Timing Attacks
Cache Timing Side-Channel Attacks
AES-128 T-Table
Threat Model of the Side-Channel Attacks
Conclusions