Beyond Cache Attacks
ACM Transactions on Embedded Computing Systems (IF 2), Pub Date: 2021-03-18, DOI: 10.1145/3433653
Johanna Sepúlveda, Mathieu Gross, Andreas Zankl, Georg Sigl

System-on-Chips (SoCs) are a key enabling technology for the Internet-of-Things (IoT), a hyper-connected world where on- and inter-chip communication is ubiquitous. SoCs usually integrate cryptographic hardware cores for confidentiality and authentication services. However, these components are prone to implementation attacks. During the operation of a cryptographic core, the secret key may be passively inferred through cache observations. Access-driven attacks exploiting these observations are therefore a vital threat to SoCs operating in IoT environments. Previous works have shown the feasibility of these attacks in the SoC context. Yet, the SoC communication structure can be used to further improve access-based cache attacks. Such communication attacks are not as well understood as other micro-architectural attacks, and it is important to raise the awareness of SoC designers of this threat. To this end, we present four contributions. First, we demonstrate an improved Prime+Probe attack on four different AES-128 implementations (original transformation tables, T0-Only, T2KB, and S-Box). As a novelty, this attack exploits the collisions of the bus-based SoC communication to further increase its efficiency. Second, we explore the impact of preloading on the efficiency of our communication-optimized attack. Third, we integrate three countermeasures (shuffling, mini-tables, and Time-Division Multiple Access (TDMA) bus arbitration) and evaluate their impact on the attack. Although the shuffling and mini-tables countermeasures were proposed in previous work, their application as countermeasures against the bus-based attack was not studied before. In addition, TDMA as a countermeasure for bus-based attacks is an original contribution of this work. Fourth, we further discuss the implications of our work for SoC design and its perspective with the new cryptographic primitives proposed in the ongoing National Institute of Standards and Technology (NIST) Lightweight Cryptography competition.
The results show that our improved communication-optimized attack is efficient, speeding up full key recovery by up to 400 times when compared to the traditional Prime+Probe technique. Moreover, the protection techniques are feasible and effectively mitigate the proposed improved attack.
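The abstract's point about bus collisions and TDMA arbitration can be made concrete with a small arbitration model. The simulation below is an added example written for this page; it is not code from the paper or its authors. It assumes an abstracted bus with two masters (a victim core and an observer core), single-cycle transfers, and a closed-loop observer that issues a new transfer as soon as the previous one completes. Under a first-come-first-served arbiter the observer's transfer latency changes whenever the victim's traffic collides with its own, so the latency trace is a function of the victim's access pattern; under a two-slot TDMA arbiter each master owns fixed cycles, and the observer's trace is identical whether the victim is idle or active. This is the property that makes TDMA a mitigation: a defender can check it by comparing traces rather than by reasoning about the attack.

```python
"""Model of bus contention under two arbitration policies (constructed example).

Assumptions (not from the paper): two masters, every transfer occupies the bus
for exactly one cycle, requests wait until served, and the observer issues
transfers back-to-back.
"""
from collections import deque

VICTIM, OBSERVER = 0, 1


def fcfs_arbiter(cycle, waiting):
    """First-come-first-served: serve the oldest pending request.

    Ties (same issue cycle) go to the lower master id, i.e. the victim wins.
    Requests are (master, issue_cycle) tuples.
    """
    if not waiting:
        return None
    return min(waiting, key=lambda r: (r[1], r[0]))


def tdma_arbiter(cycle, waiting):
    """Time-Division Multiple Access: cycle t is owned by master t % 2.

    Only the owner may transfer in its slot; an unused slot stays idle rather
    than being handed to the other master, so timing never depends on the
    other master's demand.
    """
    owner = cycle % 2
    for req in waiting:
        if req[0] == owner:
            return req
    return None


def simulate(arbiter, victim_issue_cycles, n_cycles=40):
    """Run the bus for n_cycles and return the observer's latency trace.

    victim_issue_cycles: cycles at which the victim issues a transfer
    (a constructed access pattern). Latency is measured in cycles from issue
    to completion, inclusive.
    """
    victim_todo = deque(sorted(victim_issue_cycles))
    waiting = []            # pending (master, issue_cycle) requests
    observer_next = 0       # cycle at which the observer issues its next request
    latencies = []
    for t in range(n_cycles):
        if observer_next == t:
            waiting.append((OBSERVER, t))
        while victim_todo and victim_todo[0] == t:
            waiting.append((VICTIM, victim_todo.popleft()))
        served = arbiter(t, waiting)
        if served is None:
            continue
        waiting.remove(served)
        if served[0] == OBSERVER:
            latencies.append(t - served[1] + 1)
            observer_next = t + 1
    return latencies


def contention_leaks(arbiter, victim_issue_cycles, n_cycles=40):
    """Defender's check: does the victim's activity change what the observer sees?

    Returns True if the observer's latency trace with the victim active differs
    from the trace with the victim idle, i.e. the arbiter exposes a contention
    channel.
    """
    idle = simulate(arbiter, [], n_cycles)
    active = simulate(arbiter, victim_issue_cycles, n_cycles)
    return idle != active


if __name__ == "__main__":
    pattern = [5, 12, 13]   # constructed victim access pattern
    for name, arb in (("FCFS", fcfs_arbiter), ("TDMA", tdma_arbiter)):
        print(f"{name}: trace={simulate(arb, pattern)[:16]} "
              f"leaks={contention_leaks(arb, pattern)}")
```

With the FCFS arbiter the trace contains 2-cycle latencies exactly around the victim's cycles, so `contention_leaks` reports True; with TDMA every observer transfer takes the same two cycles regardless of the victim, and the check reports False. The model ignores the cost of TDMA (idle slots, lower throughput), which is the trade-off the paper evaluates.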
