（毕业论文）基于分支预测分析攻击与防御的研究.docxVIP

摘　　要几年来，随着信息安全技术的发展，微体系结构分析攻击已成为通用处理器上多种密码算法实现的最大威胁，相关研究逐渐成为密码侧信道攻击的热点。本文将在对各种微体系结构分析攻击研究的基础上，重点关注分支预测分析攻击。此种攻击具有更大的威胁性，依据对微体系结构中分支预测单元的BTB (Branch Target Buffers, 分支目标缓存)分析，在理论上，通过实施一次攻击即可破解出RSA或者ECC等加密算法的全部密钥。并且在执行攻击流程上，完全“合法”，只需一个精心设计的间谍进程辅助攻击的实施。目前，针对此攻击只有软件的防护方法，并具有明显缺陷。本文提出微体系结构的硬件防护措施来有效抵御此种攻击。在防护过程中，文章将使用记录表动态判别系统运行中的间谍进程，并立即激活对应的防护策略。在BTB中，最近访问的关键分支语句将被强行加锁，阻止间谍进行对其进行替换，破坏攻击条件，达到有效防护的目的。实验表明提出的微体系防护策略仅仅只需要8KB的硬件开销，并且由于加锁后的BTB行被进程独占，减少访问BTB的替换冲突，所以整体性能上有0.12%的微弱提升。同时，此方案可以完全对软件层透明，消除了软件方法中对于程序的依赖，减少了防护代价。关键字： 分支预测分析攻击，微体系结构分析攻击，侧信道攻击ABSTRACTIn recent years, with the development of information security, micro-architectural analysis has become one of the most threatening attacks to cipher system that implemented on general microprocessors, which is a hot spot of cryptographic side channel attacks. This paper summarizes the micro-architectural analysis attacks and focuses on the branch prediction analysis attack (BPA). This attack extracts the secret information based on monitoring the branch target buffers (BTB). Some cryptography algorithms, such as RSA, ECC are naturally vulnerable to BPA because of the key-centric sequence of conditional branches. BPA attack can successfully steal almost all of the security key bits during one single encryption process in virtue of an elaborately designed and “legitimate” spy-process. Although there are some countermeasures existing in the state-of-art literatures, all of them are software-based methods, which lead to a series of design challenges.This paper proposes an architectural support scheme against the BPA attack comprehensively. A well-customized surveillance table with limited size is appended to record each process in order to dynamically recognize which one is malicious in time. And then a lock-based BTB scheme is utilized to protect the BTB visiting from BPA attack efficiently to ensure the sensitive information not be leaked due to the conditional branches loophole. Experimental results show that the proposed