Exploiting bus communication to improve cache attacks on systems-on-chips

Systems-on-Chips (SoCs) are one of the key enabling technologies for the Internet-of-Things (IoT). Given the continuous distribution of IoT devices, data confidentiality and user privacy are of utmost importance. However, with the growing complexity of SoCs, the risk of malware infections and trojans introduced at design time increases significantly. A vital threat to system security are so-called side-channel attacks based on cache observations. While mainly studied on desktop and server systems, recent publications have analyzed cache attacks on mobile devices and network-on-chip platforms. In this work, we investigate cache attacks on System-on-Chips implementing bus based communication. To this end, we present two contributions. First, we demonstrate an improved Prime+Probe based cache attack on AES-128 that, for the first time, exploits the bus communication to increase its efficiency. Second, we integrate two countermeasures (Shuffling and Mini-table) and evaluate their impact on the attack. The results show that our improved attack recovers the full key twice as fast as Prime+Probe without exploiting bus communication. Moreover, we propose protection techniques that are feasible and effectively mitigate both original and improved attack.