DOI: 10.1145/1250662.1250723

New cache designs for thwarting software cache-based side channel attacks

Published: 09 June 2007

Abstract

Software cache-based side channel attacks are a serious new class of threats for computers. Unlike physical side channel attacks, which mostly target embedded cryptographic devices, cache-based side channel attacks can also undermine general-purpose systems. The attacks are easy to perform, effective on most platforms, and do not require special instruments or excessive computation power. In recently demonstrated attacks on software implementations of ciphers like AES and RSA, the full key can be recovered by an unprivileged user program performing simple timing measurements based on cache misses.
We first analyze these attacks, identifying cache interference as their root cause. We identify two basic mitigation approaches: the partition-based approach eliminates cache interference, whereas the randomization-based approach randomizes cache interference so that zero information can be inferred from it. We present new security-aware cache designs, the Partition-Locked cache (PLcache) and the Random Permutation cache (RPcache), analyze and prove their security, and evaluate their performance. Our results show that our new cache designs with built-in security can defend against cache-based side channel attacks in general, rather than only against specific attacks on a given cryptographic algorithm, with very little performance degradation and hardware cost.
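The distinction the abstract draws between the two mitigation approaches can be made concrete with a small model. The following is an added example, not code from the paper: a constructed 16-set toy cache in which a co-resident process observes only which set lost a line after the victim's access, with PLcache and RPcache reduced to the two properties the abstract states (no interference at all, or interference independent of the victim's address; the RPcache mechanism itself is not modelled), and an estimate of how many bits that observation carries about the victim's cache set in each mode.

```python
import math
import random
from collections import Counter

NUM_SETS = 16  # constructed toy cache: 16 sets, one line per set (assumption)

def observed_eviction(victim_set, mode, rng):
    """What a co-resident process can observe after the victim accesses a
    line that maps to `victim_set` (the observation is abstracted as "which
    set lost a line", the raw signal behind the cache-miss timings).

    conventional : the victim evicts the other process's line in that set,
                   so the evicted set index directly reveals victim_set.
    partition    : PLcache-style, the victim's lines are locked in its own
                   partition and never evict another process's line.
    permutation  : RPcache-style, modelled here (simplification, not the
                   paper's exact mechanism) as the evicted set being drawn
                   uniformly at random, independent of victim_set.
    Returns the evicted set index, or None when nothing was evicted."""
    if mode == "conventional":
        return victim_set
    if mode == "partition":
        return None
    if mode == "permutation":
        return rng.randrange(NUM_SETS)
    raise ValueError(f"unknown cache mode: {mode}")

def leaked_bits(mode, samples=20000, seed=7):
    """Estimate I(victim_set; observation) in bits, with the victim's set
    drawn uniformly at random, from the empirical joint distribution."""
    rng = random.Random(seed)
    joint, marg_v, marg_o = Counter(), Counter(), Counter()
    for _ in range(samples):
        v = rng.randrange(NUM_SETS)
        o = observed_eviction(v, mode, rng)
        joint[(v, o)] += 1
        marg_v[v] += 1
        marg_o[o] += 1
    mi = 0.0
    for (v, o), n in joint.items():
        p_vo = n / samples
        p_v, p_o = marg_v[v] / samples, marg_o[o] / samples
        mi += p_vo * math.log2(p_vo / (p_v * p_o))
    return mi

if __name__ == "__main__":
    for mode in ("conventional", "partition", "permutation"):
        print(f"{mode:12s} leaks about {leaked_bits(mode):.3f} bits per access")
```

The conventional cache leaks close to log2(16) = 4 bits per access, the partitioned cache exactly zero, and the randomized cache only the small positive bias inherent in estimating mutual information from a finite sample.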



Published In

ISCA '07: Proceedings of the 34th annual international symposium on Computer architecture
June 2007, 542 pages
ISBN: 9781595937063
DOI: 10.1145/1250662
General Chair: Dean Tullsen
Program Chair: Brad Calder

ACM SIGARCH Computer Architecture News, Volume 35, Issue 2
May 2007, 527 pages
ISSN: 0163-5964
DOI: 10.1145/1273440
Publisher

Association for Computing Machinery

New York, NY, United States


Author Tags

  1. cache
  2. computer architecture
  3. processor
  4. security
  5. side channel
  6. timing attacks
