ABSTRACT
In today's multicore processors, the last-level cache is often shared by multiple concurrently running processes to make efficient use of hardware resources. However, previous studies have shown that a shared cache is vulnerable to timing channel attacks that leak confidential information from one process to another. Static cache partitioning can eliminate the cache timing channels but incurs significant performance overhead. In this paper, we propose Secure Dynamic Cache Partitioning (SecDCP), a partitioning technique that defeats cache timing channel attacks. The SecDCP scheme changes the size of cache partitions at run time for better performance while preventing insecure information leakage between processes. For cache-sensitive multiprogram workloads, our experimental results show that SecDCP improves performance by up to 43% and by an average of 12.5% over static cache partitioning.
- M. Backes, M. Dürmuth, S. Gerling, M. Pinkal, and C. Sporleder. Acoustic side-channel attacks on printers. In Proceedings of the 19th USENIX Conference on Security, 2010. Google ScholarDigital Library
- D. J. Bernstein. Cache-timing attacks on AES. Technical report, 2005.Google Scholar
- N. Binkert, B. Beckmann, G. Black, S. K. Reinhardt, A. Saidi, A. Basu, J. Hestness, D. R. Hower, T. Krishna, S. Sardashti, R. Sen, K. Sewell, M. Shoaib, N. Vaish, M. D. Hill, and D. A. Wood. The gem5 simulator. SIGARCH Comput. Archit. News, 2011. Google ScholarDigital Library
- J. Bonneau and I. Mironov. Cache-collision timing attacks against AES. In Proceedings of the 8th International Conference on Cryptographic Hardware and Embedded Systems, 2006. Google ScholarDigital Library
- D. Gullasch, E. Bangerter, and S. Krenn. Cache games -- bringing access-based cache attacks on AES to practice. In Proceedings of the 2011 IEEE Symposium on Security and Privacy, 2011. Google ScholarDigital Library
- P. C. Kocher, J. Jaffe, and B. Jun. Differential power analysis. In Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology, 1999. Google ScholarDigital Library
- F. Liu and R. B. Lee. Random fill cache architecture. In Proceedings of the 47th Annual IEEE/ACM International Symposium on Microarchitecture, 2014. Google ScholarDigital Library
- F. Liu, Y. Yarom, Q. Ge, G. Heiser, and R. Lee. Last-level cache side-channel attacks are practical. In 36th IEEE Symposium on Security and Privacy, 2015. Google ScholarDigital Library
- D. A. Osvik, A. Shamir, and E. Tromer. Cache attacks and countermeasures: The case of AES. In Proceedings of the 2006 The Cryptographers' Track at the RSA Conference on Topics in Cryptology, 2006. Google ScholarDigital Library
- D. Page. Partitioned cache architecture as a side-channel defence mechanism. IACR Eprint archive, 2005.Google Scholar
- C. Percival. Cache missing for fun and profit. In Proceedings of BSDCan, 2005.Google Scholar
- M. K. Qureshi and Y. N. Patt. Utility-based cache partitioning: A low-overhead, high-performance, runtime mechanism to partition shared caches. In Proceedings of the 39th Annual IEEE/ACM International Symposium on Microarchitecture, 2006. Google ScholarDigital Library
- D. Sanchez and C. Kozyrakis. Vantage: Scalable and efficient fine-grain cache partitioning. In Proceedings of the 38th Annual International Symposium on Computer Architecture, 2011. Google ScholarDigital Library
- G. E. Suh, S. Devadas, and L. Rudolph. A new memory monitoring scheme for memory-aware scheduling and partitioning. In Proceedings of the 8th International Symposium on High-Performance Computer Architecture, 2002. Google ScholarDigital Library
- Z. Wang and R. B. Lee. New cache designs for thwarting software cache-based side channel attacks. In Proceedings of the 34th Annual International Symposium on Computer Architecture, 2007. Google ScholarDigital Library
- Z. Wang and R. B. Lee. A novel cache architecture with enhanced performance and security. In Proceedings of the 41st Annual IEEE/ACM International Symposium on Microarchitecture, 2008. Google ScholarDigital Library
- Y. Xie and G. H. Loh. Pipp: Promotion/insertion pseudo-partitioning of multi-core shared caches. In Proceedings of the 36th Annual International Symposium on Computer Architecture, 2009. Google ScholarDigital Library
Recommendations
TLB Improvements for Chip Multiprocessors: Inter-Core Cooperative Prefetchers and Shared Last-Level TLBs
Translation Lookaside Buffers (TLBs) are critical to overall system performance. Much past research has addressed uniprocessor TLBs, lowering access times and miss rates. However, as Chip MultiProcessors (CMPs) become ubiquitous, TLB design and ...
High performance cache replacement using re-reference interval prediction (RRIP)
ISCA '10Practical cache replacement policies attempt to emulate optimal replacement by predicting the re-reference interval of a cache block. The commonly used LRU replacement policy always predicts a near-immediate re-reference interval on cache hits and ...
Comments