Are Timing-Based Side-Channel Attacks Feasible in Shared, Modern Computing Hardware?

There exist various vulnerabilities in computing hardware that adversaries can exploit to mount attacks against the users of such hardware. Microarchitectural Attacks, the result of these vulnerabilities, take advantage of Microarchitectural performance of processor implementations, revealing hidden computing process. Leveraging Microarchitectural resources, adversaries can potentially launch Timing-Based Side-Channel Attacks in order to leak information via timing. In view of these security threats against computing hardware, we analyse current attacks that take advantage of Microarchitectural elements in shared computing hardware. Our analysis focuses only on Timing-Based Side-Channel Attacks against the components of modern PC platforms - with references being made also to other platforms when relevant - as opposed to any other variations of Side-Channel Attacks which have a broad application range. To this end, we analyse Timing Attacks performed against processor and cache components, again with references to other components when appropriate

Countermeasures for timing-based side-channel attacks against shared, modern computing hardware

There are several vulnerabilities in computing systems hardware that can be exploited by attackers to carry out devastating Microarchitectural Timing-Based Side-Channel Attacks against these systems and as a result compromise the security of the users of such systems. By exploiting Microarchitectural resources, adversaries can potentially launch different variants of Timing Attacks, for instance, to leak sensitive information through timing. In view of these security threats against computing hardware, in a recent study, titled “Are Timing-Based Side-Channel Attacks Feasible in Shared, Modern Computing Hardware?”, currently undergoing the review process, we presented and analysed several such attacks. This extended study proceeds to build upon our recent study in question. To this end, we analyse the existing countermeasures against Timing Attacks and propose new strategies in dealing with such attacks