1. Technical Field
The present disclosure relates generally to obscuring of memory access patterns.
2. Background Art
The access patterns of a program executing on a processor-based system, as the program accesses memory, may inadvertently reveal private or sensitive information of the program. For example, the access patterns of an application encoding or decoding a secret cryptographic key may in some cases be used to determine the value of the bits in the key. Other exploits that use this type of information leakage may be readily envisioned.
Software side channel attacks have the potential to compromise the security of some cryptographic applications. Such attacks may exploit the multitasking capabilities of modern operating systems and the implied sharing of hardware resources. That is, many such side-channel attacks exploit aspects of multi-threading environments where two concurrent threads share computing resources. One such shared resource may be a shared memory resources, such as a memory hierarchy that includes one or more shared caches.
In one specific instance, for example, if two threads (also interchangeably termed “processes” in the context of this Application) executing on a processor-based system share a cache, it is possible for one thread, a “spy” thread, to observe information about the access patterns of the other thread, a “target” thread. This is because the access patterns of the target thread can cause data of the spy thread to be evicted from cache memory, and can thus alter the access time of the spy thread's access of memory.
Depending on different processor architectures in processor-based systems, the spy thread may achieve this type of information leak detection either temporally or spatially. In the temporal case, the spy thread and the target thread may run on a single processor and be interleaved in execution, sharing the single processor's cache. In the spatial case, the spy thread and target thread may run on different processors of a multi-processor system, or on different cores of a multi-core processor, but the spy thread may still achieve this type of detection if the two processors or cores share a common cache.