Proceedings Article, DOI: 10.1109/MICRO.2014.28
Random Fill Cache Architecture
Fangfei Liu, Ruby B. Lee
- 13 Dec 2014
- pp 203-215
TL;DR: A novel random fill cache architecture is proposed that replaces demand fetch with random cache fill within a configurable neighborhood window and shows that it provides information-theoretic security against reuse based attacks.
Abstract: Correctly functioning caches have been shown to leak critical secrets like encryption keys, through various types of cache side-channel attacks. This nullifies the security provided by strong encryption and allows confidentiality breaches, impersonation attacks and fake services. Hence, future cache designs must consider security, ideally without degrading performance and power efficiency. We introduce a new classification of cache side channel attacks: contention based attacks and reuse based attacks. Previous secure cache designs target only contention based attacks, and we show that they cannot defend against reuse based attacks. We show the surprising insight that the fundamental demand fetch policy of a cache is a security vulnerability that causes the success of reuse based attacks. We propose a novel random fill cache architecture that replaces demand fetch with random cache fill within a configurable neighborhood window. We show that our random fill cache does not degrade performance, and in fact, improves the performance for some types of applications. We also show that it provides information-theoretic security against reuse based attacks.
Citations
Flush+Flush: A Fast and Stealthy Cache Attack
Daniel Gruss, Clémentine Maurice, Klaus Wagner, Stefan Mangard
- 07 Jul 2016
TL;DR: The Flush+Flush attack as mentioned in this paper uses the execution time of the flush instruction, which depends on whether data is cached or not, to reduce the number of cache misses.
Sanctum: Minimal Hardware Extensions for Strong Software Isolation
Victor Costan, Ilia Lebedev, Srinivas Devadas
- 01 Jan 2016
TL;DR: Sanctum offers the same promise as Intel’s Software Guard Extensions (SGX), namely strong provable isolation of software modules running concurrently and sharing resources, but protects against an important class of additional software attacks that infer private information from a program's memory access patterns.
Cache template attacks: automating attacks on inclusive last-level caches
Daniel Gruss, Raphael Spreitzer, Stefan Mangard
- 12 Aug 2015
TL;DR: An automated attack on the T-table-based AES implementation of OpenSSL that is as efficient as state-of-the-art manual cache attacks and can reduce the entropy per character from log2(26) = 4.7 to 1.4 bits on Linux systems is performed.
CATalyst: Defeating last-level cache side channel attacks in cloud computing
Fangfei Liu, Qian Ge, Yuval Yarom, Frank Mckeen, Carlos V. Rozas, Gernot Heiser, Ruby B. Lee
- 12 Mar 2016
TL;DR: CATalyst, a pseudo-locking mechanism which uses CAT to partition the LLC into a hybrid hardware-software managed cache, is presented, and it is shown that LLC side channel attacks can be defeated.
A survey of microarchitectural timing attacks and countermeasures on contemporary hardware
TL;DR: This work surveys recent attacks that exploit microarchitectural features in shared hardware, especially as they are relevant for cloud computing, and classify types of attacks according to a taxonomy of the shared resources leveraged for such attacks.