skip to main content
10.1145/2757667.2757672acmconferencesArticle/Chapter ViewAbstractPublication PagessystorConference Proceedingsconference-collections
research-article

Disruptive prefetching: impact on side-channel attacks and cache designs

Published: 26 May 2015 Publication History

Abstract

Caches are integral parts in modern computers; they leverage the memory access patterns of a program to mitigate the gap between the fast processors and slow memory components.
Unfortunately, the behavior of caches can be exploited by attackers to infer the program's memory access patterns, by carrying out cache-based side-channel attacks, which can leak critical information.
Secure caches that were proposed employ cache partitioning or randomized memory-to-cache mapping techniques to prevent these attacks. Such techniques may add to the complexity of cache designs.
In this work, we suggest the use of specialized prefetching algorithms for the purpose of protecting from cache-based side-channel attacks. Our prefetchers can be combined with conventional set associative cache designs, are simple to employ, and require low incremental hardware overhead costs, if the base prefetching scheme is already employed.
We integrated our prefetching policies with commonly used GHB and stride prefetching schemes, and compared their performance with the standard implementations of those schemes, on both conventional and secure cache designs. More specifically, our results show that the use of our secure prefetching policy delivers original prefetching performance when integrated with a stride prefetcher. Finally, we demonstrate how a disruptive prefetching scheme can protect the cache from an access based side-channel attack.

References

[1]
ARM (2010). Cortex-A8 Technical Reference Manual. http://infocenter.arm.com/help/topic/com.arm.doc.subset.cortexa.a8/.
[2]
Bernstein, D. J. (2005). Cache-timing attacks on aes.
[3]
Binkert, N., Beckmann, B., Black, G., Reinhardt, S. K., Saidi, A., Basu, A., Hestness, J., Hower, D. R., Krishna, T., Sardashti, S., Sen, R., Sewell, K., Shoaib, M., Vaish, N., Hill, M. D., and Wood, D. A. (2011). The gem5 simulator. Computer Architecture News, 39(2): 1--7.
[4]
Bonneau, J. and Mironov, I. (2006). Cache-Collision Timing Attacks Against AES. Cryptographic Hardware and Embedded Systems, 8: 201--215.
[5]
Daemen, J. and Rijmen, V. (1999). Aes proposal: Rijndael. NIST Web page.
[6]
Doweck, J. (2006). White paper: Inside microarchitecture and smart memory access.
[7]
Fu, J. W. C., Patel, J. H., and Janssens, B. L. (1992). Stride directed prefetching in scalar processors. In Intl. Symp. on Microarchitecture (MICRO).
[8]
Jaleel, A. (2009). Memory characterization of workloads using instrumentation-driven simulation.
[9]
Jana, S. and Shmatikov, V. (2012). Memento: Learning secrets from process footprints. In Security and Privacy (SP), 2012 IEEE Symposium on, pages 143--157. IEEE.
[10]
Kim, T., Peinado, M., and Mainar-Ruiz, G. (2012). Stealthmem: System-level protection against cache-based side channel attacks in the cloud. In USENIX Security symposium, pages 189--204.
[11]
Lee, R. B. (2013). Security basics for computer architects. Synthesis Lectures on Computer Architecture, 8(4): 1--111.
[12]
Liu, F. and Lee, R. (2014). Random fill cache architecture. In Microarchitecture (MICRO), 2014 47th Annual IEEE/ACM International Symposium on, pages 203--215.
[13]
Liu, F. and Lee, R. B. (2013). Security testing of a secure cache design. In Proceedings of the 2Nd International Workshop on Hardware and Architectural Support for Security and Privacy, HASP '13, pages 3:1--3:8, New York, NY, USA. ACM.
[14]
Nesbit, K. J. and Smith, J. E. (2004). Data cache prefetching using a global history buffer. In Symp. on High-Performance Computer Architecture (HPCA).
[15]
Osvik, D. A., Shamir, A., and Tromer, E. (2006). Cache attacks and countermeasures: the case of aes. In Topics in Cryptology--CT-RSA 2006, pages 1--20. Springer.
[16]
Page, D. (2002). Theoretical use of cache memory as a cryptanalytic side-channel. IACR Cryptology ePrint Archive, 2002: 169.
[17]
Paoloni, G. (2010). How to benchmark code execution times on intel ia-32 and ia-64 instruction set architectures. http://download.intel.com/embedded/software/IA/324264.pdf. {Online; accessed 3-March-2013}.
[18]
Percival, C. (2005). Cache missing for fun and profit.
[19]
Ristenpart, T., Tromer, E., Shacham, H., and Savage, S. (2009). Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds. In Proceedings of the 16th ACM conference on Computer and communications security, pages 199--212. ACM.
[20]
Standard Performance Evaluation Corporation (2006). SPEC CPU2006. http://www.spec.org/cpu2006.
[21]
Tromer, E., Osvik, D. A., and Shamir, A. (2010). Efficient cache attacks on aes, and countermeasures. J. Cryptol., 23(2): 37--71.
[22]
Wang, Z. and Lee, R. B. (2007). New cache designs for thwarting software cache-based side channel attacks. In ACM SIGARCH Computer Architecture News, volume 35, pages 494--505. ACM.
[23]
Wang, Z. and Lee, R. B. (2008). A novel cache architecture with enhanced performance and security. In Microarchitecture, 2008. MICRO-41. 2008 41st IEEE/ACM International Symposium on, pages 83--93. IEEE.
[24]
Wu, Z., Xu, Z., andWang, H. (2012). Whispers in the hyper-space: High-speed covert channel attacks in the cloud. In USENIX Security Symposium, pages 159--173.
[25]
Wulf, W. A. and McKee, S. A. (1995). Hitting the memory wall: Implications of the obvious. SIGARCH Comput. Archit. News, 23(1): 20--24.
[26]
Yarom, Y. and Falkner, K. E. (2013). Flush+ reload: a high resolution, low noise, l3 cache side-channel attack. IACR Cryptology ePrint Archive, 2013: 448.
[27]
Zhang, Y. and Reiter, M. K. (2013). Düppel: Retrofitting commodity operating systems to mitigate cache side channels in the cloud. In Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security, pages 827--838. ACM.

Cited By

View all
  • (2024) Prefender: A Pref etching Def en der Against Cache Side Channel Attacks as a Preten der IEEE Transactions on Computers10.1109/TC.2024.337789173:6(1457-1471)Online publication date: Jun-2024
  • (2023)(M)WAIT for itProceedings of the 32nd USENIX Conference on Security Symposium10.5555/3620237.3620644(7267-7284)Online publication date: 9-Aug-2023
  • (2023)Microarchitectural Side-Channel Threats, Weaknesses and Mitigations: A Systematic Mapping StudyIEEE Access10.1109/ACCESS.2023.327575711(48945-48976)Online publication date: 2023
  • Show More Cited By

Index Terms

  1. Disruptive prefetching: impact on side-channel attacks and cache designs

      Recommendations

      Comments

      Information & Contributors

      Information

      Published In

      cover image ACM Conferences
      SYSTOR '15: Proceedings of the 8th ACM International Systems and Storage Conference
      May 2015
      183 pages
      ISBN:9781450336079
      DOI:10.1145/2757667
      Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

      Sponsors

      Publisher

      Association for Computing Machinery

      New York, NY, United States

      Publication History

      Published: 26 May 2015

      Permissions

      Request permissions for this article.

      Check for updates

      Author Tags

      1. cache prefetching
      2. computer architecture
      3. microarchitecture
      4. secure hardware
      5. side-channel attacks

      Qualifiers

      • Research-article

      Conference

      SYSTOR 2015
      Sponsor:

      Acceptance Rates

      Overall Acceptance Rate 108 of 323 submissions, 33%

      Contributors

      Other Metrics

      Bibliometrics & Citations

      Bibliometrics

      Article Metrics

      • Downloads (Last 12 months)26
      • Downloads (Last 6 weeks)3
      Reflects downloads up to 19 Feb 2025

      Other Metrics

      Citations

      Cited By

      View all
      • (2024) Prefender: A Pref etching Def en der Against Cache Side Channel Attacks as a Preten der IEEE Transactions on Computers10.1109/TC.2024.337789173:6(1457-1471)Online publication date: Jun-2024
      • (2023)(M)WAIT for itProceedings of the 32nd USENIX Conference on Security Symposium10.5555/3620237.3620644(7267-7284)Online publication date: 9-Aug-2023
      • (2023)Microarchitectural Side-Channel Threats, Weaknesses and Mitigations: A Systematic Mapping StudyIEEE Access10.1109/ACCESS.2023.327575711(48945-48976)Online publication date: 2023
      • (2022)Delay-on-Squash: Stopping Microarchitectural Replay Attacks in Their TracksACM Transactions on Architecture and Code Optimization10.1145/356369520:1(1-24)Online publication date: 17-Nov-2022
      • (2021)Streamline: a fast, flushless cache covert-channel attack by enabling asynchronous collusionProceedings of the 26th ACM International Conference on Architectural Support for Programming Languages and Operating Systems10.1145/3445814.3446742(1077-1090)Online publication date: 19-Apr-2021
      • (2021)Randomized Last-Level Caches Are Still Vulnerable to Cache Side-Channel Attacks! But We Can Fix It2021 IEEE Symposium on Security and Privacy (SP)10.1109/SP40001.2021.00050(955-969)Online publication date: May-2021
      • (2021)Aim, Wait, Shoot: How the CacheSniper Technique Improves Unprivileged Cache Attacks2021 IEEE European Symposium on Security and Privacy (EuroS&P)10.1109/EuroSP51992.2021.00051(683-700)Online publication date: Sep-2021
      • (2021)A Survey on Cache Timing Channel Attacks for Multicore ProcessorsJournal of Hardware and Systems Security10.1007/s41635-021-00115-35:2(169-189)Online publication date: 19-May-2021
      • (2021)A Formal Analysis of Prefetching in Profiled Cache-Timing Attacks on Block CiphersJournal of Cryptology10.1007/s00145-021-09394-z34:3Online publication date: 20-May-2021
      • (2020)One Covert Channel to Rule Them All: A Practical Approach to Data Exfiltration in the Cloud2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)10.1109/TrustCom50675.2020.00053(328-336)Online publication date: Dec-2020
      • Show More Cited By

      View Options

      Login options

      View options

      PDF

      View or Download as a PDF file.

      PDF

      eReader

      View online with eReader.

      eReader

      Figures

      Tables

      Media

      Share

      Share

      Share this Publication link

      Share on social media