ABSTRACT
Software cache-based side channel attacks present a serious threat to computer systems. Previously proposed countermeasures were either too costly for practical use or only effective against particular attacks. A recent work identified cache interferences in general as the root cause and proposed two new cache designs, namely partition-locked cache (PLcache) and random permutation cache (RPcache), to defeat cache-based side channel attacks by eliminating or obfuscating cache interferences. In this paper, we analyze these new cache designs and identify significant vulnerabilities and shortcomings in them. We also propose possible solutions and improvements over the original designs to overcome the identified shortcomings.
Deconstructing new cache designs for thwarting software cache-based side channel attacks