Unless otherwise indicated herein, the approaches described in this section are not prior art to the claims in this application and are not admitted to be prior art by inclusion in this section.
Opportunities for a party to gain unauthorized access to digital information are continually increasing. This is particularly true as more and more computing devices (e.g., smart phones, tablet computers, laptop computers, desktop computers, servers, or the like) are accessible by a third party (e.g., via the Internet, or the like). Additionally, the rise in popularity of cloud computing technologies (e.g., shared datacenters, shared computing environments, or the like) has increased the opportunities for unauthorized access to digital information. A party may gain unauthorized access to digital information using a variety of techniques. One such technique, referred to as a “side channel attack,” may extract digital information from parameters related to a process (e.g., a computer program, or the like). Side channel attacks may be used to access digital information, defeat cryptographic systems, or the like.
In general, a side channel attack may rely upon collocating with a target process. The side channel attack then, may facilitate accessing (e.g., reading, observing, or the like) information (e.g., memory addresses, cryptographic keys, or the like) related to the target process using indirect means. More specifically, a side channel attack may identify execution of the target process (e.g., by memory block availability observation, by CPU core throttling observation, by memory cache observation, or the like). Then, activity related to the target process may be extracted from the system. Often, related activity may be extracted using similar techniques that were used to identify the target process. Additionally, known characteristics (e.g., timing, resource usage, CPU instruction sets, or the like) related to the computing environment may also be used to extract activity related to the target process.
Conventional countermeasures to side channel attacks may involve adding complex mathematical computations to the target process, performing repeated computation on “fake” data, or the like. However, as can be appreciated, these countermeasures may require modification of the source code of the target process, may increased computational overhead, or the like.