Cryptology ePrint Archive: Report 2016/479

Survey of Microarchitectural Side and Covert Channels, Attacks, and Defenses

Jakub Szefer

Abstract: Over last two decades, side and covert channel research has shown variety of ways of exfiltrating information for a computer system. Processor microarchitectural side and covert channel attacks have emerged as some of the most clever attacks, and ones which are difficult to deal with, without impacting system performance. Unlike electro-magnetic or power-based channels, microarchitectural side and covert channel do not require physical proximity to the target device. Instead, only malicious or cooperating spy applications need to be co-located on the same machine as the victim. And in some attacks even co-location is not needed, only timing of the execution of the victim as measured by a remote attacker over the network can form a side channel for information leaks. This survey extracts the key features of the processor's microarchitectural functional units which make the channels possible, presents an analysis and categorization of the variety of microarchitectural side and covert channels others have presented in literature, and surveys existing defense proposals. With advent of cloud computing and ability to launch microarchitectural side and covert channels even across virtual machines, understanding of these channels is critical.

Category / Keywords: Processor Architectures, Side-channels, Covert-channels, Survey

Date: received 19 May 2016, last revised 4 Jun 2016

Contact author: jakub szefer at yale edu

Available format(s): PDF | BibTeX Citation

Note: A minor revision of the survey, edited the text and added few new references.

Version: 20160604:164053 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]