Newcache: Secure Cache Architecture Thwarting Cache Side-Channel Attacks
- 27 October 2016
- journal article
- Published by Institute of Electrical and Electronics Engineers (IEEE) in IEEE Micro
- Vol. 36 (5), 8-16
- https://doi.org/10.1109/mm.2016.85
Abstract
Newcache is a secure cache that can thwart cache side-channel attacks to prevent the leakage of secret information. All caches today are susceptible to cache side-channel attacks, despite software isolation of memory pages in virtual address spaces or virtual machines. These cache attacks can leak secret encryption keys or private identity keys, nullifying any protection provided by strong cryptography. Newcache uses a novel dynamic, randomized memory-to-cache mapping to thwart contention-based side-channel attacks, rather than the static mapping used by conventional set-associative caches. In this article, the authors present an improved design of Newcache, in terms of security, circuit design and simplicity. They show Newcache's security against a suite of cache side-channel attacks. They evaluate Newcache's system performance for cloud computing, smartphone, and SPEC benchmarks and find that Newcache performs as well as conventional set-associative caches, and sometimes better. They also designed a VLSI test chip with a 32-Kbyte Newcache and a 32-Kbyte, eight-way, set-associative cache and verified that the access latency, power, and area of the two caches are comparable. These results show that Newcache can be used as L1 data and instruction caches to improve security without impacting performance.Keywords
This publication has 11 references indexed in Scilit:
- A 32kB secure cache memory with dynamic replacement mapping in 65nm bulk CMOSPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2015
- Can randomized mapping secure instruction caches from side-channel attacks?Published by Association for Computing Machinery (ACM) ,2015
- Random Fill Cache ArchitecturePublished by Institute of Electrical and Electronics Engineers (IEEE) ,2014
- Security testing of a secure cache designPublished by Association for Computing Machinery (ACM) ,2013
- Cross-VM side channels and their use to extract private keysPublished by Association for Computing Machinery (ACM) ,2012
- Non-monopolizable cachesACM Transactions on Architecture and Code Optimization, 2012
- The gem5 simulatorACM SIGARCH Computer Architecture News, 2011
- New cache designs for thwarting software cache-based side channel attacksPublished by Association for Computing Machinery (ACM) ,2007
- Cache-Collision Timing Attacks Against AESLecture Notes in Computer Science, 2006
- Cache Attacks and Countermeasures: The Case of AESLecture Notes in Computer Science, 2006