当前位置:首页 > 报告详情

安德斯·福格与丹尼尔·格鲁斯_微架构漏洞的过去现在和未来.pdf

上传人: 张** 编号:175536 2024-09-13 66页 9.69MB

1、Microarchitecture VulnerabilitiesPast,Present and FutureDaniel Gruss(Graz University of Technology)Anders Fogh(Intel Corporation)IntroductionDaniel GrussGraz University of TechnologyAnders FoghIntelDaniel and Andersdo not always agree!PastPast earliest daysSide Channels always existedPast earliest d

2、aysSide Channels always existedFirst scientific observations in 1943Past earliest daysSide Channels always existedFirst scientific observations in 1943Concept of“covert channels”in 1973Past earliest daysSide Channels always existedFirst scientific observations in 1943Concept of“covert channels”in 19

3、731974-1980:Provable secure operating systems with exceptions for side channels1985:Orange book.Covert channels with low bandwidth not a problem1996:Paul Kochers seminal work on timing attacksPast:cryptographic attacks1996-2015 Mainly side channels on cryptography(threat model!)Past:cryptographic at

4、tacks1996-2015 Mainly side channels on cryptography(threat model!)Colin Percival(2005):“Cache Missing for fun and profit”ISCA 2014+BlackHat US 2015:RowhammerUSENIX Security 2015:Cache Template AttacksCCS+BlackHat US 2016:Breaking KASLRBlackHat EU 2017:Security through distrusting2017:Many academic w

5、orks on attacking TEEs with side channelsUSENIX+BlackHat US 2018,S&P 2019:Spectre&MeltdownPast:Moving beyond cryptoISCA 2014+BlackHat US 2015:RowhammerUSENIX Security 2015:Cache Template AttacksCCS+BlackHat US 2016:Breaking KASLRBlackHat EU 2017:Security through distrusting2017:Many academic works o

6、n attacking TEEs with side channelsUSENIX+BlackHat US 2018,S&P 2019:Spectre&MeltdownPast:Moving beyond cryptoISCA 2014+BlackHat US 2015:RowhammerUSENIX Security 2015:Cache Template AttacksCCS+BlackHat US 2016:Breaking KASLRBlackHat EU 2017:Security through distrusting2017:Many academic works on atta

word格式文档无特别注明外均可编辑修改,预览文件经过压缩,下载原文更清晰!
三个皮匠报告文库所有资源均是客户上传分享,仅供网友学习交流,未经上传用户书面授权,请勿作商用。
本文主要讨论了微架构漏洞的过去、现在和未来。文章首先回顾了微架构漏洞的历史,从1943年首次科学观察到1973年“隐通道”概念的提出,再到1996年Paul Kocher对时序攻击的开创性工作,以及2018年Spectre和Meltdown的爆发。接着,文章讨论了当前的趋势,包括攻击类型、活动水平、缓解措施和值得注意的案例。最后,文章展望了未来的微架构安全,包括新的预测和数据依赖行为、新的防御措施以及更多种类的计算设备。文章强调,微架构安全是一个不断发展的领域,需要持续的努力和关注。
微架构漏洞的演变历程是怎样的? 微架构安全防御有哪些局限性? 未来微架构安全将面临哪些挑战?
客服
商务合作
小程序
服务号
折叠