Conventional computer systems are generally susceptible to side channel attacks. Side channel attacks are based on side channel information that is not directly derived from the protected contents. Such side channel information includes access permission information, timing information, power variation information, etc. For example, a side channel attacker can send hundreds or thousands of access requests to a memory region. Denied access to a memory location is an indication that the location may store sensitive information (e.g., passwords, encryption/decryption keys, etc.). Based on whether access to memory is granted or not, an attacker can identify the location in which sensitive information is likely stored. The identified memory location, together with timing information, provides an attacker with sufficient knowledge to launch a direct attack on the memory where access to data was not granted.
One existing technique for protecting memory contents is to encrypt the memory where reads with an incorrect key will return random results. However, permanent encryption and decryption is very power consuming and would be a very expensive solution if memory encryption is otherwise not needed.