How secure is your cache against side-channel attacks?

Security-critical data can leak through very unexpected side channels, making side-channel attacks very dangerous threats to information security. Of these, cache-based side-channel attacks are some of the most problematic. This is because caches are essential for the performance of modern computers...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:MICRO-50 : the 50th annual IEEE/ACM International Symposium on Microarchitecture : proceedings : October 14-18, 2017, Cambridge, MA S. 341 - 353
Hauptverfasser: He, Zecheng, Lee, Ruby B.
Format: Tagungsbericht
Sprache:Englisch
Veröffentlicht: New York, NY, USA ACM 14.10.2017
Schriftenreihe:ACM Conferences
Schlagworte:
Cache
Computer architecture
Computer systems organization > Dependable and fault-tolerant systems and networks > Processors and memory architectures
Encryption
General and reference > Cross-computing tools and techniques > Evaluation
Measurement
quantification
Resilience
Security and privacy > Security in hardware > Hardware attacks and countermeasures > Side-channel analysis and countermeasures
security modeling
side-channel attack
Side-channel attacks
cache
quantification
side-channel attack
security modeling
ISBN:1450349528, 9781450349529
ISSN:2379-3155
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Abstract Security-critical data can leak through very unexpected side channels, making side-channel attacks very dangerous threats to information security. Of these, cache-based side-channel attacks are some of the most problematic. This is because caches are essential for the performance of modern computers, but an intrinsic property of all caches - the different access times for cache hits and misses - is the property exploited to leak information in time-based cache side-channel attacks. Recently, different secure cache architectures have been proposed to defend against these attacks. However, we do not have a reliable method for evaluating a cache's resilience against different classes of cache side-channel attacks, which is the goal of this paper. We first propose a novel probabilistic information flow graph (PIFG) to model the interaction between the victim program, the attacker program and the cache architecture. From this model, we derive a new metric, the Probability of Attack Success (PAS), which gives a quantitative measure for evaluating a cache's resilience against a given class of cache side-channel attacks. We show the generality of our model and metric by applying them to evaluate nine different cache architectures against all four classes of cache side-channel attacks. Our new methodology, model and metric can help verify the security provided by different proposed secure cache architectures, and compare them in terms of their resilience to cache side-channel attacks, without the need for simulation or taping out a chip.
AbstractList Security-critical data can leak through very unexpected side channels, making side-channel attacks very dangerous threats to information security. Of these, cache-based side-channel attacks are some of the most problematic. This is because caches are essential for the performance of modern computers, but an intrinsic property of all caches - the different access times for cache hits and misses - is the property exploited to leak information in time-based cache side-channel attacks. Recently, different secure cache architectures have been proposed to defend against these attacks. However, we do not have a reliable method for evaluating a cache's resilience against different classes of cache side-channel attacks, which is the goal of this paper. We first propose a novel probabilistic information flow graph (PIFG) to model the interaction between the victim program, the attacker program and the cache architecture. From this model, we derive a new metric, the Probability of Attack Success (PAS), which gives a quantitative measure for evaluating a cache's resilience against a given class of cache side-channel attacks. We show the generality of our model and metric by applying them to evaluate nine different cache architectures against all four classes of cache side-channel attacks. Our new methodology, model and metric can help verify the security provided by different proposed secure cache architectures, and compare them in terms of their resilience to cache side-channel attacks, without the need for simulation or taping out a chip.
Security-critical data can leak through very unexpected side channels, making side-channel attacks very dangerous threats to information security. Of these, cache-based side-channel attacks are some of the most problematic. This is because caches are essential for the performance of modern computers, but an intrinsic property of all caches - the different access times for cache hits and misses - is the property exploited to leak information in time-based cache side-channel attacks. Recently, different secure cache architectures have been proposed to defend against these attacks. However, we do not have a reliable method for evaluating a cache's resilience against different classes of cache side-channel attacks, which is the goal of this paper.We first propose a novel probabilistic information flow graph (PIFG) to model the interaction between the victim program, the attacker program and the cache architecture. From this model, we derive a new metric, the Probability of Attack Success (PAS), which gives a quantitative measure for evaluating a cache's resilience against a given class of cache side-channel attacks. We show the generality of our model and metric by applying them to evaluate nine different cache architectures against all four classes of cache side-channel attacks. Our new methodology, model and metric can help verify the security provided by different proposed secure cache architectures, and compare them in terms of their resilience to cache side-channel attacks, without the need for simulation or taping out a chip.
Author Lee, Ruby B.
He, Zecheng
Author_xml – sequence: 1
  givenname: Zecheng
  surname: He
  fullname: He, Zecheng
  email: zechengh@princeton.edu
  organization: Princeton University
– sequence: 2
  givenname: Ruby B.
  surname: Lee
  fullname: Lee, Ruby B.
  email: rblee@princeton.edu
  organization: Princeton University
BookMark eNqNkD1PwzAURc2XRFs6M7B4ZEmx_WzHnhCqgCJVYoHZsp1nGtomKE6F-u8JagdGpivdo3uHMybnTdsgIdeczTiX6g64AAt2NqRUUp-Q8dAykFYJc0pGAkpbAFfq7C-4JNOcPxljgpdWcxgRvWi_aca465DWme7bXUejjyuk_sPXTe5priss4so3DW6o73sf1_n-ilwkv8k4PeaEvD89vs0XxfL1-WX-sCw8cOgLrlkMwqpoKpZsQpAASVYhpMCFESjBWJMwGlVKWwFPRkiZjIqog0m-ggm5OfzWiOi-unrru70z2mity4HODtTHrQttu86OM_erxx31uKMeF7oa0zC4_ecAfgBn4mGr
ContentType Conference Proceeding
Copyright 2017 ACM
Copyright_xml – notice: 2017 ACM
DBID 6IE
6IL
CBEJK
RIE
RIL
DOI 10.1145/3123939.3124546
DatabaseName IEEE Electronic Library (IEL) Conference Proceedings
IEEE Xplore POP ALL
IEEE Xplore All Conference Proceedings
IEEE Electronic Library (IEL)
IEEE Proceedings Order Plans (POP All) 1998-Present
DatabaseTitleList

Database_xml – sequence: 1
  dbid: RIE
  name: IEEE Electronic Library (IEL)
  url: https://ieeexplore.ieee.org/
  sourceTypes: Publisher
DeliveryMethod fulltext_linktorsrc
Discipline Computer Science
EISBN 1450349528
9781450349529
EISSN 2379-3155
EndPage 353
ExternalDocumentID 8686667
Genre orig-research
GroupedDBID 6IE
6IF
6IL
6IN
AAJGR
ABLEC
ACM
ADPZR
ALMA_UNASSIGNED_HOLDINGS
APO
BEFXN
BFFAM
BGNUA
BKEBE
BPEOZ
CBEJK
GUFHI
IEGSK
OCL
RIB
RIC
RIE
RIL
AAWTH
LHSKQ
ID FETCH-LOGICAL-a313t-160cb295c8d0f9fe3433f4dbbfb1282e43898fec85749d31f8244f85ce6b8fad3
IEDL.DBID RIE
ISBN 1450349528
9781450349529
ISICitedReferencesCount 48
ISICitedReferencesURI http://www.webofscience.com/api/gateway?GWVersion=2&SrcApp=Summon&SrcAuth=ProQuest&DestLinkType=CitingArticles&DestApp=WOS_CPL&KeyUT=000455679300026&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D
IngestDate Wed Aug 27 02:38:44 EDT 2025
Wed Jan 31 06:40:42 EST 2024
IsPeerReviewed false
IsScholarly true
Keywords cache
quantification
side-channel attack
security modeling
Language English
License Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from Permissions@acm.org
LinkModel DirectLink
MeetingName MICRO-50: The 50th Annual IEEE/ACM International Symposium on Microarchitecture
MergedId FETCHMERGED-LOGICAL-a313t-160cb295c8d0f9fe3433f4dbbfb1282e43898fec85749d31f8244f85ce6b8fad3
PageCount 13
ParticipantIDs acm_books_10_1145_3123939_3124546_brief
ieee_primary_8686667
acm_books_10_1145_3123939_3124546
PublicationCentury 2000
PublicationDate 2017-10-14
PublicationDateYYYYMMDD 2017-10-14
PublicationDate_xml – month: 10
  year: 2017
  text: 2017-10-14
  day: 14
PublicationDecade 2010
PublicationPlace New York, NY, USA
PublicationPlace_xml – name: New York, NY, USA
PublicationSeriesTitle ACM Conferences
PublicationTitle MICRO-50 : the 50th annual IEEE/ACM International Symposium on Microarchitecture : proceedings : October 14-18, 2017, Cambridge, MA
PublicationTitleAbbrev MICRO
PublicationYear 2017
Publisher ACM
Publisher_xml – name: ACM
SSID ssj0002179613
ssib030238632
ssib042476800
ssib023363937
Score 2.3449326
Snippet Security-critical data can leak through very unexpected side channels, making side-channel attacks very dangerous threats to information security. Of these,...
SourceID ieee
acm
SourceType Publisher
StartPage 341
SubjectTerms Cache
Computer architecture
Computer systems organization -- Dependable and fault-tolerant systems and networks -- Processors and memory architectures
Encryption
General and reference -- Cross-computing tools and techniques -- Evaluation
Measurement
quantification
Resilience
Security and privacy -- Security in hardware -- Hardware attacks and countermeasures -- Side-channel analysis and countermeasures
security modeling
side-channel attack
Side-channel attacks
Title How secure is your cache against side-channel attacks?
URI https://ieeexplore.ieee.org/document/8686667
WOSCitedRecordID wos000455679300026&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D
hasFullText 1
inHoldings 1
isFullTextHit
isPrint
link http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwlV3PS8MwGP3YhgdP_tjE-YsIghfj2iZNk5MHcew0dlDYraTpFxloJ2un-N-bdN2mIIi3Enoojy99X3689wCuHGNhKBRSKbSgnOuYSpUpqqRkRgQYRNrWYRPJeCynUzVpwc1GC4OI9eUzvPWP9Vl-PjdLv1U2kEK6bjtpQztJxEqrta6diDHBvlGtz8KRYquZ5BF3jXVjRef_0q4VV47KGrefkMcDFno7MOVWsRGPfUPc1ub1R-hKzTnDvf997T70tuI9MtnQ0gG0sDiEvXV6A2kmcxfEaP5BSr_djmRWkk9XVMR4e2ein_XMdY3EJ3lSrwwu8IXoqvJy_LsePA0fHu9HtElRoJqFrKKhCEwWqdjIPLDKIuOMWZ5nmc0cN0Xo48-lRSPjhKuchVY6xrcyNigyaXXOjqBTzAs8BpKjkg4ZZRKFbu5rHaIOElSZVDEKVH24dJClfnlQpivFc5w2sKYNrH24_vOdNFvM0Pah60FN31a2G2mD58nvw6ewG3nG9ZdN-Bl0qsUSz2HHvFezcnFR18oXIbK07A
linkProvider IEEE
linkToHtml http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwlV1NS8NAFHxoFfRUtYr1cwXBi9Eku9nsnjyIUlGLB4XewmbzVgraSpsq_nv3pakfIIi3sOQQhreZtx8zA3DoGQsjqTFQ0shACJMESuc60EpxK0MMY-OqsIm021W9nr6bg-NPLQwiVpfP8IQeq7P8YmgntFV2qqTy3XY6DwuUnFWrtWbVE3Mu-TeypTQcJb9UkyIWvrWuzejoP-2bce3JrPb7iURyyiMyBNN-HRuLhFrieWOff8SuVKxz2fzf967A-pd8j919EtMqzOFgDZqz_AZWT-cWyM7wjY1pwx1Zf8zefVkxSwbPzDyavu8bGWV5BqQNHuATM2VJgvyzdXi4vLg_7wR1jkJgeMTLIJKhzWOdWFWETjvkgnMnijx3uWenGCkAXTm0KkmFLnjklOd8pxKLMlfOFHwDGoPhADeBFaiVR0bbVKOf_cZEaMIUda50ghJ1Gw48ZBktEMbZVPOcZDWsWQ1rG47-fCfLR310bWgRqNnL1Hgjq_Hc-n14H5Y697c32c1V93oblmPiX7p6InagUY4muAuL9rXsj0d7Vd18AMUMuDU
openUrl ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=proceeding&rft.title=Proceedings+of+the+50th+Annual+IEEE%2FACM+International+Symposium+on+Microarchitecture&rft.atitle=How+secure+is+your+cache+against+side-channel+attacks%3F&rft.au=He%2C+Zecheng&rft.au=Lee%2C+Ruby+B.&rft.series=ACM+Conferences&rft.date=2017-10-14&rft.pub=ACM&rft.isbn=1450349528&rft.spage=341&rft.epage=353&rft_id=info:doi/10.1145%2F3123939.3124546
thumbnail_l http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=9781450349529/lc.gif&client=summon&freeimage=true
thumbnail_m http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=9781450349529/mc.gif&client=summon&freeimage=true
thumbnail_s http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=9781450349529/sc.gif&client=summon&freeimage=true