Article
Peer-Review Record

Performing Cache Timing Attacks from the Reconfigurable Part of a Heterogeneous SoC—An Experimental Study

Appl. Sci. 2021, 11(14), 6662; https://doi.org/10.3390/app11146662
by Lilian Bossuet * and El Mehdi Benhani
Reviewer 1: Anonymous
Reviewer 2: Anonymous
Submission received: 25 June 2021 / Revised: 15 July 2021 / Accepted: 16 July 2021 / Published: 20 July 2021
(This article belongs to the Special Issue Side Channel Attacks in Embedded Systems)

Round 1

Reviewer 1 Report

The authors presented a malicious use of cache coherency between the processing system and the programmable logic part of the modern SoC-FPGA. They have described a method to distinguish between a cache miss and a cache hit originating from the programmable logic part. However, there are some concerns that need to be fixed. First of all, in the Introduction section (paragraph 1), "... by exploiting the two following threats: ", but these two threats have not been mentioned at the end of the paragraph. Also, in the Introduction section (paragraph 2), you have stated "...Many recent works suggest..."; it would be better to cite some of these works. Also in the Introduction section (paragraph 3), you have mentioned two processes; what are these processes? Moreover, section 2.1 might be better placed in the Introduction section. In the related works section, you have discussed only three studies, [10], [11] and [12]; are these the only studies related to your work? In section 5.1.1, the equation is not clear. In section 5.1.3, Figure 10 is not clear in terms of distinguishing between (a) and (b), thus you might need to shift (b) a little bit forward. Finally, there are some typos that need to be addressed, like figure 3 in section 2.1, figure 5 in sections 3.1 and 3.2, and figure 6 in section 4.1.

Author Response

We have read all of Reviewer 1's comments and recommendations carefully and have addressed all of them in the new revised version of the manuscript. We would like to thank Reviewer 1 for these suggestions.

The authors

 

Reviewer 2 Report

The authors implement a side-channel attack in an SoC with FPGA via the coherent cache between cores and programmable logic.
They use this to establish a covert channel between the secure zone of such a system and the insecure zone, e.g. to leak a password.

In the intro, the authors might more clearly distinguish between the side-channel attack itself and its use in establishing a covert channel, especially a covert channel between secure zone and insecure zone.

A few edits:

line 68: This paper start, in Section II, by describing --> ...starts...

line 83: as presented inf the figure 3 --> ...in...

line 140: 3.2. Accelerator cohenrensy port --> coherency

line 435: in the of --> in the

Author Response

We have read all of Reviewer 2's comments and recommendations carefully and have addressed all of them in the new revised version of the manuscript. We would like to thank Reviewer 2 for these suggestions.

The authors
