How secure is your cache against side-channel attacks?

Security-critical data can leak through very unexpected side channels, making side-channel attacks very dangerous threats to information security. Of these, cache-based side-channel attacks are some of the most problematic. This is because caches are essential for the performance of modern computers...

Celý popis

Uložené v:
Podrobná bibliografia
Vydané v:MICRO-50 : the 50th annual IEEE/ACM International Symposium on Microarchitecture : proceedings : October 14-18, 2017, Cambridge, MA s. 341 - 353
Hlavní autori: He, Zecheng, Lee, Ruby B.
Médium: Konferenčný príspevok..
Jazyk:English
Vydavateľské údaje: New York, NY, USA ACM 14.10.2017
Edícia:ACM Conferences
Predmet:
Cache
Computer architecture
Computer systems organization > Dependable and fault-tolerant systems and networks > Processors and memory architectures
Encryption
General and reference > Cross-computing tools and techniques > Evaluation
Measurement
quantification
Resilience
Security and privacy > Security in hardware > Hardware attacks and countermeasures > Side-channel analysis and countermeasures
security modeling
side-channel attack
Side-channel attacks
cache
quantification
side-channel attack
security modeling
ISBN:1450349528, 9781450349529
ISSN:2379-3155
On-line prístup:Získať plný text
Tagy: Pridať tag
Žiadne tagy, Buďte prvý, kto otaguje tento záznam!
Popis
Shrnutí:Security-critical data can leak through very unexpected side channels, making side-channel attacks very dangerous threats to information security. Of these, cache-based side-channel attacks are some of the most problematic. This is because caches are essential for the performance of modern computers, but an intrinsic property of all caches - the different access times for cache hits and misses - is the property exploited to leak information in time-based cache side-channel attacks. Recently, different secure cache architectures have been proposed to defend against these attacks. However, we do not have a reliable method for evaluating a cache's resilience against different classes of cache side-channel attacks, which is the goal of this paper. We first propose a novel probabilistic information flow graph (PIFG) to model the interaction between the victim program, the attacker program and the cache architecture. From this model, we derive a new metric, the Probability of Attack Success (PAS), which gives a quantitative measure for evaluating a cache's resilience against a given class of cache side-channel attacks. We show the generality of our model and metric by applying them to evaluate nine different cache architectures against all four classes of cache side-channel attacks. Our new methodology, model and metric can help verify the security provided by different proposed secure cache architectures, and compare them in terms of their resilience to cache side-channel attacks, without the need for simulation or taping out a chip.
ISBN:1450349528
9781450349529
ISSN:2379-3155
DOI:10.1145/3123939.3124546