An activity on a computer system may infer, discover, or gain access to critical data pertaining to other activities on the same system. The activity in question may be under the control of external malicious entities or users. An attacker may determine or discover critical data from usage patterns and by monitoring the movement of data in and out of memory caches. These attacks depend on information being leaked through the timing behavior of memory systems that use caches, and are known as cache-effect side-channel attacks.
For example, an attack may be performed against AES (Advanced Encryption Standard) encryption, in which an attacker executes code on a system to learn AES encryption keys used by others. An attacker may infer information about the encryption by monitoring which memory is accessed. With substitution box (S-box) tables in particular, if an attacker can learn or infer which parts of the tables are used at a particular point in time, the attacker may be able to infer the secrets, such as keys, that determine how the tables are accessed.
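The leak described above comes from the table index depending on a secret, so that the cache line touched reveals the index. The standard software mitigation is to make the memory access sequence independent of the secret. The following is an added example, not code from the original text: it contrasts a secret-indexed lookup with a constant-time lookup that reads every table entry and selects the wanted one with arithmetic masks. The 16-entry table is constructed for illustration and is not the AES S-box; the function names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed 16-entry toy substitution table (NOT the AES S-box);
   it stands in for an S-box to keep the example short. */
#define TABLE_SIZE 16
static const uint8_t toy_sbox[TABLE_SIZE] = {
    0x6a, 0x3c, 0x91, 0xf0, 0x25, 0xb7, 0x4e, 0xd9,
    0x18, 0xc3, 0x7f, 0x02, 0xe4, 0x5b, 0xa6, 0x8d
};

/* Secret-indexed lookup: the address touched (and therefore the cache
   line brought in) depends on 'secret'. This is the access pattern the
   text describes as observable through cache timing. */
uint8_t lookup_secret_indexed(uint8_t secret) {
    return toy_sbox[secret & (TABLE_SIZE - 1)];
}

/* Constant-time lookup: touches every entry in a fixed order and selects
   the wanted one with arithmetic masks, so the sequence of memory
   accesses is identical for every value of 'secret'. No branch depends
   on the index, and no address depends on it either. */
uint8_t lookup_constant_time(uint8_t secret) {
    uint32_t idx = secret & (TABLE_SIZE - 1);
    uint8_t result = 0;
    for (uint32_t i = 0; i < TABLE_SIZE; i++) {
        uint32_t diff = i ^ idx;                   /* zero only when i == idx   */
        uint32_t mask = 0u - ((diff - 1u) >> 31);  /* all ones iff diff == 0    */
        result |= (uint8_t)(toy_sbox[i] & mask);   /* keeps only the chosen entry */
    }
    return result;
}

/* Returns 1 if both lookups agree for every possible 8-bit input,
   i.e. the constant-time version is functionally equivalent. */
int lookups_agree(void) {
    for (int s = 0; s < 256; s++) {
        if (lookup_secret_indexed((uint8_t)s) != lookup_constant_time((uint8_t)s))
            return 0;
    }
    return 1;
}

int main(void) {
    printf("lookups agree: %d\n", lookups_agree());
    return 0;
}
```

The constant-time variant costs a full table scan per lookup, which is why real AES implementations prefer hardware instructions or bitsliced designs over large T-tables; the mask trick above is the same principle applied to a table small enough to show in full. Whether a compiler preserves the branch-free form should be checked in the generated assembly, since the source-level intent is not a guarantee.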
Conventional protection against such memory monitoring attacks may be provided via operating systems, hypervisors, and any component that manages physical memory and page tables. However, the conventional solutions are complex, expensive, or require hardware changes.