I'm trying to figure out what are the differences between two cache side channel attack: Prime and Probe vs Evict and Reload. It seems that both of the attacks are identical - the adversary evicts data from cache sets by filling them with its own data, then he periodically test whether there is a cache miss or hit, and that allows him to infer memory access pattern that is done by the victim. I did find a lecture from Black Hat Asia 2017, in which they explain that Prime and Probe doesn't require shared memory, so my assumption is that the attacks are both identical, but the term Prime and Probe refers to Evict and Reload on unshared memory ?
Asked
Active
Viewed 1,781 times
1 Answers
3
Evict+Reload uses shared memory (usually a shared library) in the middle. The attacker first evicts the shared memory from the cache set with the use of an evictions set. If the victim now accesses the shared memory, it will overwrite the attacker's data in the cache. The attacker now also accesses the shared memory and measures how long it takes. If it was fast, the vicitim accessed the shared memory in between, if it is slow, he did not.
Now for Prime+Probe the attacker first primes/fills the cache set with his "eviction set". The vicitm may now access his memory that maps to the same cache set and therefore evicts some of the attacker's data. Now the attacker accesses all his memory and measures the time. If it was fast, the victim did not access the memory, if it was slow, he did (because we have a cache miss).
So essentially the idea behind the two attacks is similar, but Prime+Probe does not need shared memory and therefore works slightly different.
HackBrettHB
- 31
- 1
- 6