CEASER: Mitigating Conflict-Based Cache Attacks via Encrypted-Address and Remapping
- 1 October 2018
- conference paper
- conference paper
- Published by Institute of Electrical and Electronics Engineers (IEEE)
- p. 775-787
- https://doi.org/10.1109/micro.2018.00068
Abstract
Modern processors share the last-level cache between all the cores to efficiently utilize the cache space. Unfortunately, such sharing makes the cache vulnerable to attacks whereby an adversary can infer the access pattern of a co-running application by carefully orchestrating evictions using cache conflicts. Conflict-based attacks can be mitigated by randomizing the location of the lines in the cache. Unfortunately, prior proposals for randomized mapping require storage-intensive tables and are effective only if the OS can classify the applications into protected and unprotected groups. The goal of this paper is to mitigate conflict-based attacks while incurring negligible storage and performance overheads, and without relying on OS support. This paper provides the key insight that randomized mapping can be accomplished efficiently by accessing the cache with an encrypted address, as encryption would cause the lines that map to the same set of a conventional cache to get scattered to different sets. This paper proposes CEASE, a design that uses Low-Latency Block-Cipher (LLBC) to translate the physical line-address into an encrypted line-address, and accesses the cache with this encrypted line-address. We analyze efficient designs for LLBC that can perform encryption and decryption within two cycles. We also propose CEASER, a design that periodically changes the encryption key and performs dynamic-remapping to improve robustness. CEASER provides strong security (tolerates 100+ years of attack), has low performance overhead (1% slowdown), requires a storage overhead of less than 24 bytes for the newly added structures, and does not need any OS support.Keywords
This publication has 16 references indexed in Scilit:
- CATalyst: Defeating last-level cache side channel attacks in cloud computingPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2016
- Non-monopolizable cachesACM Transactions on Architecture and Code Optimization, 2012
- Enhancing lifetime and security of PCM-based main memory with start-gap wear levelingPublished by Association for Computing Machinery (ACM) ,2009
- XOR-Based Hash FunctionsIEEE Transactions on Computers, 2005
- Automatically characterizing large scale program behaviorACM SIGOPS Operating Systems Review, 2002
- On the Design of S-BoxesPublished by Springer Science and Business Media LLC ,2000
- Eliminating cache conflict misses through XOR-based placement functionsPublished by Association for Computing Machinery (ACM) ,1997
- How to Construct Pseudorandom Permutations from Pseudorandom FunctionsSIAM Journal on Computing, 1988
- Cryptography and Computer PrivacyScientific American, 1973
- Communication Theory of Secrecy Systems*Bell System Technical Journal, 1949