DOI: 10.1145/3497776.3517778

Cape: compiler-aided program transformation for HTM-based cache side-channel defense

Published: 18 March 2022

Abstract

Cache side-channel attacks pose real threats to computer system security. Prior work called Cloak leverages commodity hardware transactional memory (HTM) to protect sensitive data and code from cache side-channel attacks. However, Cloak requires tedious and error-prone manual modifications to vulnerable software by programmers. This paper presents Cape, a compiler analysis and transformation that soundly and automatically protects programs from cache side-channel attacks using Cloak’s defense. An evaluation shows that Cape provides protection that is as strong as Cloak’s, while performing competitively with Cloak.



      Published In

      CC 2022: Proceedings of the 31st ACM SIGPLAN International Conference on Compiler Construction
      March 2022
      253 pages
      ISBN:9781450391832
      DOI:10.1145/3497776

      Publisher

      Association for Computing Machinery

      New York, NY, United States


      Author Tags

      1. cache side-channel defense
      2. compiler analysis and transformation
      3. hardware transactional memory

      Qualifiers

      • Research-article

      Conference

      CC '22
