Abstract
Over the past two decades, several microarchitectural side channels have been exploited to create sophisticated security attacks. Solutions to this problem have mainly focused on fixing the source of leaks either by limiting the flow of information through the side channel by modifying hardware, or by refactoring vulnerable software to protect sensitive data from leaking. These solutions are reactive and not preventative: while the modifications may protect against a single attack, they do nothing to prevent future side channel attacks that exploit other microarchitectural side channels or exploit the same side channel in a novel way.
In this paper we present a general mitigation strategy that focuses on the infrastructure used to measure side channel leaks rather than the source of leaks, and thus applies to all known and unknown microarchitectural side channel leaks. Our approach is to limit the fidelity of fine-grained timekeeping and performance counters, making it difficult for an attacker to distinguish between different microarchitectural events, thus thwarting attacks. We demonstrate the strength of our proposed security modifications, and validate that our changes do not break existing software. Our proposed changes require minor (or in some cases, no) hardware modifications and do not result in any substantial performance degradation, yet offer the most comprehensive protection against microarchitectural side channels to date.
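The effect of limiting timer fidelity can be seen in a small simulation, added here as an illustration and not taken from the paper. It assumes the simplest possible degradation (rounding the clock down to a fixed granularity), uses constructed hit and miss latencies, and all function names are hypothetical.

```python
import random

# Constructed latencies in cycles; not measurements from the paper.
HIT_CYCLES = 40
MISS_CYCLES = 200


def coarse_clock(true_cycles, granularity):
    """Assumed degradation: round the cycle count down to a multiple of granularity."""
    return (true_cycles // granularity) * granularity


def measure(latency, granularity, rng):
    """Time one event of `latency` cycles using only the degraded clock."""
    start = rng.randrange(1 << 32)  # the event begins at an arbitrary clock phase
    return coarse_clock(start + latency, granularity) - coarse_clock(start, granularity)


def single_shot_accuracy(granularity, trials=20000, seed=1):
    """Accuracy of the best threshold that separates hit from miss using one reading."""
    rng = random.Random(seed)
    hits = [measure(HIT_CYCLES, granularity, rng) for _ in range(trials)]
    misses = [measure(MISS_CYCLES, granularity, rng) for _ in range(trials)]
    best = 0.5  # guessing
    for threshold in sorted(set(hits + misses)):
        # Classify a reading as "miss" when it is >= threshold.
        correct = sum(h < threshold for h in hits) + sum(m >= threshold for m in misses)
        best = max(best, correct / (2 * trials))
    return best


def mean_reading(latency, granularity, trials=20000, seed=2):
    """Average of many degraded readings of the same event."""
    rng = random.Random(seed)
    return sum(measure(latency, granularity, rng) for _ in range(trials)) / trials


if __name__ == "__main__":
    for g in (1, 64, 4096):
        print(f"granularity={g:5d}  single-shot accuracy={single_shot_accuracy(g):.3f}")
    print("mean hit reading at 4096: ", round(mean_reading(HIT_CYCLES, 4096), 1))
    print("mean miss reading at 4096:", round(mean_reading(MISS_CYCLES, 4096), 1))
```

In this model a granularity smaller than the gap between the two latencies changes nothing, while a much larger one pushes single-reading classification close to guessing. The averages of many readings still differ, so plain rounding raises the number of samples needed rather than removing the signal.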
TimeWarp: rethinking timekeeping and performance monitoring mechanisms to mitigate side-channel attacks
ISCA '12: Proceedings of the 39th Annual International Symposium on Computer Architecture