Side-channel vulnerability factor
- 5 September 2012
- journal article
- Published by Association for Computing Machinery (ACM) in ACM SIGARCH Computer Architecture News
- Vol. 40 (3), 106-117
- https://doi.org/10.1145/2366231.2337172
Abstract
There have been many attacks that exploit side-effects of program execution to expose secret information and many proposed countermeasures to protect against these attacks. However there is currently no systematic, holistic methodology for understanding information leakage. As a result, it is not well known how design decisions affect information leakage or the vulnerability of systems to side-channel attacks. In this paper, we propose a metric for measuring information leakage called the Side-channel Vulnerability Factor (SVF). SVF is based on our observation that all side-channel attacks ranging from physical to microarchitectural to software rely on recognizing leaked execution patterns. SVF quantifies patterns in attackers' observations and measures their correlation to the victim's actual execution patterns and in doing so captures systems' vulnerability to side-channel attacks. In a detailed case study of on-chip memory systems, SVF measurements help expose unexpected vulnerabilities in whole-system designs and shows how designers can make performance-security trade-offs. Thus, SVF provides a quantitative approach to secure computer architecture.Keywords
This publication has 10 references indexed in Scilit:
- Cache Games -- Bringing Access-Based Cache Attacks on AES to PracticePublished by Institute of Electrical and Electronics Engineers (IEEE) ,2011
- Side-Channel Leaks in Web Applications: A Reality Today, a Challenge TomorrowPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2010
- A novel cache architecture with enhanced performance and securityPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2008
- Deconstructing new cache designs for thwarting software cache-based side channel attacksPublished by Association for Computing Machinery (ACM) ,2008
- New cache designs for thwarting software cache-based side channel attacksACM SIGARCH Computer Architecture News, 2007
- Cache Attacks and Countermeasures: The Case of AESLecture Notes in Computer Science, 2006
- Data Cache Prefetching Using a Global History BufferIEEE Micro, 2005
- Discovering and exploiting program phasesIEEE Micro, 2003
- Defending against cache-based side-channel attacksInformation Security Technical Report, 2003
- Effective hardware-based data prefetching for high-performance processorsInternational Conference on Acoustics, Speech, and Signal Processing (ICASSP), 1995