Abstract
Cache side-channel attacks have become a significant security threat across a variety of hardware architectures. By observing which sets of a cache are accessed by the victim, the attacker gleans critical information about the address bits in the victim’s access, thereby revealing portions of secret keys used by encryption algorithms (or other sensitive information). Fundamentally, this ability to deduce information about addresses given the accessed sets depends on knowing (or discovering) how addresses are mapped to cache sets by hardware.
In this work, we evaluate the security of the various cache mapping functions. Using an information-theoretic formulation, our framework (denoted CHASM) estimates the number of address bits that are likely leaked by different mapping schemes. Our analysis leads to several new insights. One, all one-to-one schemes that map n set-index address bits to \(2^n\) set-indices leak all n bits. Two, based on memory footprint, programs often leak several additional (viz., tag) bits (e.g., AES leaks 39 bits out of 42 at L2). Three, tag bits leak even with the use of address space layout randomization (16–33 bits). Four, the use of huge pages in order to reduce pressure on TLBs increases leakage (5 additional bits on average). Since many of these techniques have opposing impact on performance and security, we use a new security-delay ratio metric to jointly evaluate mapping schemes for both performance and security.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
In this paper we do not directly address attacks based on speculative execution or techniques to mitigate them.
- 2.
Partitioning techniques do not prevent certain types of attacks [35].
- 3.
- 4.
For small bit counts, a table lookup can be used.
- 5.
In the original work, this scheme was applied to the shared L3 cache.
- 6.
In our case, leakage in bit i would depend on all other 40–50 bits requiring \(2^{40}-2^{50}\) probabilities to be estimated.
- 7.
We stop at \(a_6\) as bits \(a_0\) through \(a_5\) are block offset bits that have no impact on cache mapping. In this paper we assume 64-byte cache blocks.
- 8.
As stated previously, we assume a 64-byte cache line size, and 48-bit addresses.
- 9.
SPEC and Cryptography workloads exhibit similar trends and for brevity, we omit their details here.
- 10.
For lack of space, we omitted the Rotate-3 scheme as its leakage is exactly the same as that of Modulo.
References
Huge Pages - The Linux Kernel Archives. https://www.kernel.org/doc/Documentation/vm/hugetlbpage.txt
Pagemap, From the Userspace Perspective. https://www.kernel.org/doc/Documentation/vm/pagemap.txt
Transparent Hugepage Support. https://www.kernel.org/doc/Documentation/vm/transhuge.txt
Ambrose, J.A., Ragel, R.G., Jayasinghe, D., Li, T., Parameswaran, S.: Side channel attacks in embedded systems: a tale of hostilities and deterrence. In: Sixteenth International Symposium on Quality Electronic Design, pp. 452–459, March 2015
Bernstein, D.J.: Cache-timing attacks on AES. Technical report (2005)
Bonneau, J., Mironov, I.: Cache-collision timing attacks against AES. In: Goubin, L., Matsui, M. (eds.) CHES 2006. LNCS, vol. 4249, pp. 201–215. Springer, Heidelberg (2006). https://doi.org/10.1007/11894063_16
Doweck, J., et al.: Inside 6th-generation intel core: new microarchitecture code-named Skylake. IEEE Micro 37(2), 52–62 (2017)
Doychev, G., Feld, D., Köpf, B., Mauborgne, L., Reineke, J.: CacheAudit: a tool for the static analysis of cache side channels. In: Proceedings of the 22nd USENIX Conference on Security, Series SEC 2013, pp. 431–446. USENIX Association, Berkeley (2013). http://dl.acm.org/citation.cfm?id=2534766.2534804
Givargis, T.: Improved indexing for cache miss reduction in embedded systems. In: Proceedings of the 40th Annual Design Automation Conference, Series, DAC 2003 (2003). https://doi.org/10.1145/775832.776052
Hazelwood, K.M., Klauser, A.: A dynamic binary instrumentation engine for the ARM architecture. In: Hong, S., Wolf, W.H., Flautner, K., Kim, T. (eds.) Proceedings of the 2006 International Conference on Compilers, Architecture, and Synthesis for Embedded Systems, CASES 2006, Seoul, Korea, 22–25 October 2006 (2006). https://doi.org/10.1145/1176760.1176793
He, Z., Lee, R.B.: How secure is your cache against side-channel attacks? In: Proceedings of the 50th Annual IEEE/ACM International Symposium on Microarchitecture, Series MICRO-50 2017, pp. 341–353. ACM, New York (2017). https://doi.org/10.1145/3123939.3124546
Henning, J.L.: SPEC CPU2006 benchmark descriptions. SIGARCH Comput. Archit. News 34(4), 1–17 (2006). https://doi.org/10.1145/1186736.1186737
Intel: Introduction to Cache Allocation Technology in the Intel® Xeon® processor E5 v4 family (2016). https://software.intel.com/en-us/articles/introduction-to-cache-allocation-technology
Issa, I., Wagner, A.B., Kamath, S.: An operational approach to information leakage. CoRR, vol. abs/1807.07878 (2018). http://arxiv.org/abs/1807.07878
Kavi, K., Nwachukwu, I., Fawibe, A.: A comparative analysis of performance improvement schemes for cache memories. Comput. Electr. Eng. 38(2), 243–257 (2012). https://doi.org/10.1016/j.compeleceng.2011.12.008
Kharbutli, M., Irwin, K., Solihin, Y., Lee, J.: Using prime numbers for cache indexing to eliminate conflict misses. In: Proceedings of the 10th International Symposium on High Performance Computer Architecture, Series HPCA 2004, p. 288. IEEE Computer Society, Washington, DC (2004). https://doi.org/10.1109/HPCA.2004.10015
Kiriansky, V., Lebedev, I., Amarasinghe, S., Devadas, S., Emer, J.: DAWG: a defense against cache timing attacks in speculative execution processors. In: Proceedings of the 51st Annual IEEE/ACM International Symposium on Microarchitecture, Series MICRO-51, pp. 974–987. IEEE Press, Piscataway (2018). https://doi.org/10.1109/MICRO.2018.00083
Liu, F., Yarom, Y., Ge, Q., Heiser, G., Lee, R.B.: Last-level cache side-channel attacks are practical. In: Proceedings of the 2015 IEEE Symposium on Security and Privacy, Series SP 2015, pp. 605–622. IEEE Computer Society, Washington, DC (2015). https://doi.org/10.1109/SP.2015.43
Luk, C.-K., et al.: Pin: building customized program analysis tools with dynamic instrumentation. In: Proceedings of the 2005 ACM SIGPLAN Conference on Programming Language Design and Implementation, Series PLDI 2005, pp. 190–200. ACM, New York (2005). https://doi.org/10.1145/1065010.1065034
Maurice, C., Le Scouarnec, N., Neumann, C., Heen, O., Francillon, A.: Reverse engineering Intel last-level cache complex addressing using performance counters. In: Bos, H., Monrose, F., Blanc, G. (eds.) RAID 2015. LNCS, vol. 9404, pp. 48–65. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-26362-5_3
Mushtaq, M., Akram, A., Bhatti, M.K., Rais, R.N.B., Lapotre, V., Gogniat, G.: Run-time detection of prime + probe side-channel attack on AES encryption algorithm. In: 2018 Global Information Infrastructure and Networking Symposium (GIIS), pp. 1–5, October 2018
Nwachukwu, I., Kavi, K., Ademola, F., Yan, C.: Evaluation of techniques to improve cache access uniformities. In: 2011 International Conference on Parallel Processing, pp. 31–40, September 2011
Pax: Address space layout randomization ASLR (2003). http://pax.grsecuritynet/docs/aslr.txt
Qureshi, M.K.: CEASER: mitigating conflict-based cache attacks via encrypted-address and remapping. In: Proceedings of the 51st Annual IEEE/ACM International Symposium on Microarchitecture, Series MICRO-51, pp. 775–787. IEEE Press, Piscataway (2018). https://doi.org/10.1109/MICRO.2018.00068
Shelor, C., Kavi, K.: Moola: multicore cache simulator. In: 30th International Conference on Computers and Their Applications, CATA-2015 (2015)
Trilla, D., Hernandez, C., Abella, J., Cazorla, F.: Cache side-channel attacks and time-predictability in high-performance critical real-time systems, pp. 1–6, June 2018
Tromer, E., Osvik, D.A., Shamir, A.: Efficient cache attacks on AES, and countermeasures. J. Cryptol. 23(1), 37–71 (2010). https://doi.org/10.1007/s00145-009-9049-y
Umbelino, P.: ASLR cache attack defeats address space layout randomization (2017). https://hackaday.com/2017/02/15/aslrcache-attack-defeats-address-space-layout-randomization/
Wagner, I., Eckhoff, D.: Technical privacy metrics: a systematic survey. CoRR, vol. abs/1512.00327 (2015). http://arxiv.org/abs/1512.00327
Werner, M., Unterluggauer, T., Giner, L., Schwarz, M., Gruss, D., Mangard, S.: ScatterCache: thwarting cache attacks via cache set randomization. In: Heninger, N., Traynor, P. (eds.) 28th USENIX Security Symposium, USENIX Security 2019, Santa Clara, CA, USA, 14–16 August 2019 (2019). https://www.usenix.org/conference/usenixsecurity19/presentation/werner
Yarom, Y., Falkner, K.: Flush+reload: a high resolution, low noise, L3 cache side-channel attack. In: Proceedings of the 23rd USENIX Conference on Security Symposium, Series SEC 2014 (2014). http://dl.acm.org/citation.cfm?id=2671225.2671271
Yarom, Y., Ge, Q., Liu, F., Lee, R.B., Heiser, G.: Mapping the intel last-level cache. Cryptology ePrint Archive, Report 2015/905 (2015). https://eprint.iacr.org/2015/905
Zankl, A., Heyszl, J., Sigl, G.: Automated detection of instruction cache leaks in modular exponentiation software. In: Lemke-Rust, K., Tunstall, M. (eds.) CARDIS 2016. LNCS, vol. 10146, pp. 228–244. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-54669-8_14
Zhang, N., Sun, K., Shands, D., Lou, W., Hou, Y.T.: TruSpy: cache side-channel information leakage from the secure world on arm devices. Cryptology ePrint Archive, Report 2016/980 (2016). https://eprint.iacr.org/2016/980
Zhang, Y.: Cache side channels: state of the art and research opportunities. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, Series CCS 2017, pp. 2617–2619. ACM, New York (2017). https://doi.org/10.1145/3133956.3136064
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Mosquera, F., Gulur, N., Kavi, K., Mehta, G., Sun, H. (2020). CHASM: Security Evaluation of Cache Mapping Schemes. In: Orailoglu, A., Jung, M., Reichenbach, M. (eds) Embedded Computer Systems: Architectures, Modeling, and Simulation. SAMOS 2020. Lecture Notes in Computer Science(), vol 12471. Springer, Cham. https://doi.org/10.1007/978-3-030-60939-9_17
Download citation
DOI: https://doi.org/10.1007/978-3-030-60939-9_17
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-60938-2
Online ISBN: 978-3-030-60939-9
eBook Packages: Computer ScienceComputer Science (R0)