research-article

Deconstructing new cache designs for thwarting software cache-based side channel attacks

Authors:

Jean-Pierre Seifert,

Huiyang ZhouAuthors Info & Claims

CSAW '08: Proceedings of the 2nd ACM workshop on Computer security architectures

Pages 25 - 34

https://doi.org/10.1145/1456508.1456514

Published: 31 October 2008 Publication History

Abstract

Software cache-based side channel attacks present a serious tthreat to computer systems. Previously proposed countermeasures were either too costly for practical use or only effective against particular attacks. Thus, a recent work identified cache interferences in general as the root cause and proposed two new cache designs, namely partition-locked cache (PLcache) and random permutation cache(RPcache), to defeat cache-based side channel attacks by eliminating/obfuscating cache interferences. In this paper, we analyze these new cache designs and identify significant vulnerabilities and shortcomings of those new cache designs. We also propose possible solutions and improvements over the original new cache designs to overcome the identified shortcomings.

References

[1]

O. Aciçmez and Ç. K. Koç. Microarchitectural Attacks and Countermeasures. Chapter in "Cryptographic Engineering" by Ç. K. Koç, Springer, ISBN 0387718168, to be published in November 2008.

Digital Library

[2]

O. Aciçmez. Yet Another MicroArchitectural Attack: Exploiting I-Cache. Proceedings of the 2007 ACM Workshop on Computer Security Architecture, pages 11--18, ACM Press, 2007.

Digital Library

[3]

O. Aciçmez, Ç. K. Koç, and J.-P. Seifert. On The Power of Simple Branch Prediction Analysis. 2007 ACM Symposium on InformAtion, Computer and Communications Security (ASIACCS'07), R. Deng and P. Samarati, editors, pages 312--320, ACM Press, 2007.

Digital Library

[4]

O. Aciçmez, Ç. K. Koç, and J.-P. Seifert. Predicting Secret Keys via Branch Prediction. Topics in Cryptology | CT-RSA 2007, The Cryptographers' Track at the RSA Conference 2007, M. Abe, editor, pages 225--242, Springer-Verlag, Lecture Notes in Computer Science series 4377, 2007.

[5]

O. Aciçmez and J.-P. Seifert. Cheap Hardware Parallelism Implies Cheap Security. 4th Workshop on Fault Diagnosis and Tolerance in Cryptography | FDTC 2007, pages 80--91, IEEE Computer Society, 2007.

Digital Library

[6]

O. Aciçmez, W. Schindler, and Ç. K. Koç. Cache Based Remote Timing Attack on the AES. Topics in Cryptology | CT-RSA 2007, The Cryptographers' Track at the RSA Conference 2007, M. Abe, editor, pages 271--286, Springer-Verlag, Lecture Notes in Computer Science series 4377, 2007.

[7]

O. Aciçmez, W. Schindler, Ç. K. Koç. Improving Brumley and Boneh Timing Attack on Unprotected SSL Implementations. Proceedings of the 12th ACM Conference on Computer and Communications Security, C. Meadows and P. Syverson, editors, pages 139--146, ACM Press, 2005.

Digital Library

[8]

Advanced Encryption Standard (AES). Federal Information Processing Standards Publication 197, 2001. Available at http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf

[9]

AMD. Lightweight Profiling Proposal, AMD, July 2007. Available at: http://developer.amd.com/assets/HardwareExtensionsforLeightweightProfilingPublic20070720.pdf

[10]

D. J. Bernstein. Cache-timing attacks on AES. Technical Report, 37 pages, April 2005.

[11]

J. Bonneau and I. Mironov. Cache-Collision Timing Attacks against AES. Cryptographic Hardware and Embedded Systems | CHES 2006, L. Goubin and M. Matsui, editors, pages 201--215, Springer-Verlag, Lecture Notes in Computer Science series 4249, 2006.

Digital Library

[12]

D. Brumley and D. Boneh. Remote Timing Attacks are Practical. Proceedings of the 12th Usenix Security Symposium, pages 1--14, 2003.

Digital Library

[13]

D. Burger and T.M. Austin. The Simplescalar Tool Set Version 2.0. Technical Report, Computer Science Department, University of Wisconsin-Madison, 1997.

Digital Library

[14]

J. Daemen, V. Rijmen. The Design of Rijndael: AES - The Advanced Encryption Standard. Springer-Verlag, 2002.

Digital Library

[15]

S. Gueron. Advanced Encryption Standard (AES) Instructions Set. Technical Report, 35 pages, Intel Corporation, April 2008. Available at: http://softwarecommunity.intel.com/isn/downloads/intelavx/AES-Instructions-Set WP.pdf

[16]

M. Neve and J.-P. Seifert. Advances on Access-driven Cache Attacks on AES. 13th International Workshop on Selected Areas of Cryptography | SAC'06, E. Biham and A. M. Youssef, editors, pages 147--162, Springer, Lecture Notes in Computer Science series 4356, 2007.

Digital Library

[17]

OpenSSL Montgomery Exponentiation Side-Channel Local Information Disclosure Vulnerability. http://www.securityfocus.com/bid/25163/ 2007.

[18]

OpenSSL Timing Attack RSA Private Key Information Disclosure Vulnerability. http://www.securityfocus.com/bid/7101/ 2003.

[19]

D. A. Osvik, A. Shamir, and E. Tromer. Cache Attacks and Countermeasures: The Case of AES. Topics in Cryptology | CT-RSA 2006, The Cryptographers' Track at the RSA Conference 2006, D. Pointcheval, editor, pages 1--20, Springer-Verlag, Lecture Notes in Computer Science series 3860, 2006

Digital Library

[20]

D. Page. Theoretical Use of Cache Memory as a Cryptanalytic Side-Channel. Technical Report CSTR-02--003, Department of Computer Science, University of Bristol, June 2002.

[21]

D. Page. Partitioned Cache Architecture as a Side Channel Defence Mechanism. Cryptography ePrint Archive, Report 2005/280, August 2005.

[22]

C. Percival. Cache missing for fun and profit. BSDCan 2005, Ottawa, 2005.

[23]

D. Song, D. Wagner, and X. Tian. Timing Analysis of Keystrokes and SSH Timing Attacks. Proceedings of the 10th Usenix Security Symposium, 2001.

Digital Library

[24]

K. Tiri, O. Aciçmez, M. Neve, and F. Andersen. An Analytical Model for Time-Driven Cache Attacks. 14th International Workshop on Fast Software Encryption | FSE 2007, A. Biryukov, editor, pages 399--413, Springer, Lecture Notes in Computer Science series 4593, 2007.

Digital Library

[25]

Z. Wang and R. B. Lee. New Cache Designs for Thwarting Software Cache-based Side Channel Attacks, the 34th International Symposium on Computer Architecture (ISCA 2007), June 9--13, 2007.

Digital Library

Cited By

Mosquera Ferrandiz F(2024)A Study of Mitigation Methods for Speculative Cache Side Channel Attacksundefined10.12794/metadc2332527Online publication date: May-2024
https://doi.org/10.12794/metadc2332527
Kelemework YAlameldeen A(2024)INTERFACE: An Indirect, Partitioned, Random, Fully-Associative Cache to Avoid Shared Last-Level Cache Attacks2024 International Symposium on Secure and Private Execution Environment Design (SEED)10.1109/SEED61283.2024.00015(37-49)Online publication date: 16-May-2024
https://doi.org/10.1109/SEED61283.2024.00015
Mosquera FEkanayake AHua WKavi KMehta GJohn L(2024)SecurityCloak: Protection against cache timing and speculative memory access attacksJournal of Systems Architecture10.1016/j.sysarc.2024.103107150(103107)Online publication date: May-2024
https://doi.org/10.1016/j.sysarc.2024.103107
Show More Cited By

Index Terms

Deconstructing new cache designs for thwarting software cache-based side channel attacks

Recommendations

How secure is your cache against side-channel attacks?
MICRO-50 '17: Proceedings of the 50th Annual IEEE/ACM International Symposium on Microarchitecture

Security-critical data can leak through very unexpected side channels, making side-channel attacks very dangerous threats to information security. Of these, cache-based side-channel attacks are some of the most problematic. This is because caches are ...
New cache designs for thwarting software cache-based side channel attacks
ISCA '07: Proceedings of the 34th annual international symposium on Computer architecture

Software cache-based side channel attacks are a serious new class of threats for computers. Unlike physical side channel attacks that mostly target embedded cryptographic devices, cache-based side channel attacks can also undermine general purpose ...
New cache designs for thwarting software cache-based side channel attacks

Software cache-based side channel attacks are a serious new class of threats for computers. Unlike physical side channel attacks that mostly target embedded cryptographic devices, cache-based side channel attacks can also undermine general purpose ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

CSAW '08: Proceedings of the 2nd ACM workshop on Computer security architectures

October 2008

72 pages

ISBN:9781605583006

DOI:10.1145/1456508

Program Chair:
Trent Jaeger
PennsylvaniaStateUniversity

Copyright © 2008 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 31 October 2008

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

CCS08

Sponsor:

CCS08: 15th ACM Conference on Computer and Communications Security 2008

October 31, 2008

Virginia, Alexandria, USA

Upcoming Conference

CCS '25

Sponsor:
sigsac

ACM SIGSAC Conference on Computer and Communications Security

October 13 - 17, 2025

Taipei , Taiwan

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

62
Total Citations
View Citations
655
Total Downloads

Downloads (Last 12 months)11
Downloads (Last 6 weeks)0

Reflects downloads up to 05 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Mosquera Ferrandiz F(2024)A Study of Mitigation Methods for Speculative Cache Side Channel Attacksundefined10.12794/metadc2332527Online publication date: May-2024
https://doi.org/10.12794/metadc2332527
Kelemework YAlameldeen A(2024)INTERFACE: An Indirect, Partitioned, Random, Fully-Associative Cache to Avoid Shared Last-Level Cache Attacks2024 International Symposium on Secure and Private Execution Environment Design (SEED)10.1109/SEED61283.2024.00015(37-49)Online publication date: 16-May-2024
https://doi.org/10.1109/SEED61283.2024.00015
Mosquera FEkanayake AHua WKavi KMehta GJohn L(2024)SecurityCloak: Protection against cache timing and speculative memory access attacksJournal of Systems Architecture10.1016/j.sysarc.2024.103107150(103107)Online publication date: May-2024
https://doi.org/10.1016/j.sysarc.2024.103107
Jin HHe ZQiang W(2023)SpecTerminator: Blocking Speculative Side Channels Based on Instruction Classes on RISC-VACM Transactions on Architecture and Code Optimization10.1145/356605320:1(1-26)Online publication date: 10-Feb-2023
https://dl.acm.org/doi/10.1145/3566053
Mosquera FKavi KMehta GJohn L(2023)Guard Cache: Creating False Cache Hits and Misses To Mitigate Side-Channel Attacks2023 Silicon Valley Cybersecurity Conference (SVCC)10.1109/SVCC56964.2023.10165527(1-8)Online publication date: 17-May-2023
https://doi.org/10.1109/SVCC56964.2023.10165527
Mosquera FKavi KMehta GJohn L(2023)Guard Cache: Creating Noisy Side-ChannelsIEEE Computer Architecture Letters10.1109/LCA.2023.328971022:2(97-100)Online publication date: Jul-2023
https://doi.org/10.1109/LCA.2023.3289710
Sakalis CKaxiras SSjälander M(2022)Delay-on-Squash: Stopping Microarchitectural Replay Attacks in Their TracksACM Transactions on Architecture and Code Optimization10.1145/356369520:1(1-24)Online publication date: 17-Nov-2022
https://dl.acm.org/doi/10.1145/3563695
Dhavlle ARafatirad SKhasawneh KHomayoun HDinakarrao S(2022)Imitating Functional Operations for Mitigating Side-Channel LeakageIEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems10.1109/TCAD.2021.307024341:4(868-881)Online publication date: Apr-2022
https://doi.org/10.1109/TCAD.2021.3070243
Nelson CIzraelevitz JBahar RLehman T(2022)Eliminating Micro-Architectural Side-Channel Attacks using Near Memory Processing2022 IEEE International Symposium on Secure and Private Execution Environment Design (SEED)10.1109/SEED55351.2022.00023(179-189)Online publication date: Sep-2022
https://doi.org/10.1109/SEED55351.2022.00023
Song WLi BXue ZLi ZWang WLiu P(2021)Randomized Last-Level Caches Are Still Vulnerable to Cache Side-Channel Attacks! But We Can Fix It2021 IEEE Symposium on Security and Privacy (SP)10.1109/SP40001.2021.00050(955-969)Online publication date: May-2021
https://doi.org/10.1109/SP40001.2021.00050
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten