Cache side channel attacks are attacks that leak secret information through physical implementation of cryptographic operations, nullifying cryptographic protection. Recently, these attacks have received great interest. Previous research found that software countermeasures alone are not enough to defend against cache side channel attacks. Secure cache designs can thwart the root causes of cache side channels and are more efficient. For instance, Newcache is a cache design that can enhance security, performance and power efficiency simultaneously through dynamic memory-cache remapping and eviction randomization. However, these cache designs seldom had their security verified experimentally by mounting cache side channel attacks on them.� In this paper, we test the security of Newcache using representative classes of cache side channel attacks proposed for conventional set-associative caches. The results show that Newcache can defeat all these attacks. However, what if a very knowledgeable attacker crafted the attack strategy targeting the secure caches design? We redesign the attacks specifically for Newcache. The results show that Newcache can defeat even crafted access-driven attacks specifically targeted at it but sometimes succumbs to the specifically crafted timing attacks, which is due to a very subtle vulnerability in its replacement algorithm. We further secure Newcache by modifying its replacement algorithm slightly, thus defeating these specifically crafted timing attacks. In addition, the improved Newcache simplifies the replacement algorithm in the original Newcache design.
{"title":"Security testing of a secure cache design","authors":"Fangfei Liu, R. Lee","doi":"10.1145/2487726.2487729","DOIUrl":"https://doi.org/10.1145/2487726.2487729","url":null,"abstract":"Cache side channel attacks are attacks that leak secret information through physical implementation of cryptographic operations, nullifying cryptographic protection. Recently, these attacks have received great interest. Previous research found that software countermeasures alone are not enough to defend against cache side channel attacks. Secure cache designs can thwart the root causes of cache side channels and are more efficient. For instance, Newcache is a cache design that can enhance security, performance and power efficiency simultaneously through dynamic memory-cache remapping and eviction randomization. However, these cache designs seldom had their security verified experimentally by mounting cache side channel attacks on them.\u0000 In this paper, we test the security of Newcache using representative classes of cache side channel attacks proposed for conventional set-associative caches. The results show that Newcache can defeat all these attacks. However, what if a very knowledgeable attacker crafted the attack strategy targeting the secure caches design? We redesign the attacks specifically for Newcache. The results show that Newcache can defeat even crafted access-driven attacks specifically targeted at it but sometimes succumbs to the specifically crafted timing attacks, which is due to a very subtle vulnerability in its replacement algorithm. We further secure Newcache by modifying its replacement algorithm slightly, thus defeating these specifically crafted timing attacks. In addition, the improved Newcache simplifies the replacement algorithm in the original Newcache design.","PeriodicalId":141766,"journal":{"name":"Hardware and Architectural Support for Security and Privacy","volume":"2 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-06-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126610512","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Francis X. McKeen, Ilya Alexandrovich, Alex Berenzon, Carlos V. Rozas, Hisham Shafi, Vedvyas Shanbhogue, U. Savagaonkar
For years the PC community has struggled to provide secure solutions on open platforms. Intel has developed innovative new technology to enable SW developers to develop and deploy secure applications on open platforms. The technology enables applications to execute with confidentiality and integrity in the native OS environment. It does this by providing ISA extensions for generating hardware enforceable containers at a granularity determined by the developer. These containers while opaque to the operating system are managed by the OS. This paper analyzes the threats and attacks to applications. It then describes the ISA extension for generating a HW based container. Finally it describes the programming model of this container.
{"title":"Innovative instructions and software model for isolated execution","authors":"Francis X. McKeen, Ilya Alexandrovich, Alex Berenzon, Carlos V. Rozas, Hisham Shafi, Vedvyas Shanbhogue, U. Savagaonkar","doi":"10.1145/2487726.2488368","DOIUrl":"https://doi.org/10.1145/2487726.2488368","url":null,"abstract":"For years the PC community has struggled to provide secure solutions on open platforms. Intel has developed innovative new technology to enable SW developers to develop and deploy secure applications on open platforms. The technology enables applications to execute with confidentiality and integrity in the native OS environment. It does this by providing ISA extensions for generating hardware enforceable containers at a granularity determined by the developer. These containers while opaque to the operating system are managed by the OS. This paper analyzes the threats and attacks to applications. It then describes the ISA extension for generating a HW based container. Finally it describes the programming model of this container.","PeriodicalId":141766,"journal":{"name":"Hardware and Architectural Support for Security and Privacy","volume":"42 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-06-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130911830","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Sarani Bhattacharya, C. Rebeiro, Debdeep Mukhopadhyay
Timing attacks are a threat to networked computing systems especially the emerging cloud computing infrastructures. The precision timestamp counters present in modern microprocessors is a popularly used side channel source for timing information. These counters are able to measure the variability of timings that are caused from microarchitectural effects, like cache access patterns and branch miss predictions, and have been routinely used for demonstrating practical attacks against well known ciphers. Recently, researchers have attempted to inhibit precision timing measurements by fuzzing the timestamp, through a time-warped mechanism. In this paper, we demonstrate that in spite of fuzzing time, timing attack are still possible.
{"title":"Unraveling timewarp: what all the fuzz is about?","authors":"Sarani Bhattacharya, C. Rebeiro, Debdeep Mukhopadhyay","doi":"10.1145/2487726.2487734","DOIUrl":"https://doi.org/10.1145/2487726.2487734","url":null,"abstract":"Timing attacks are a threat to networked computing systems especially the emerging cloud computing infrastructures. The precision timestamp counters present in modern microprocessors is a popularly used side channel source for timing information. These counters are able to measure the variability of timings that are caused from microarchitectural effects, like cache access patterns and branch miss predictions, and have been routinely used for demonstrating practical attacks against well known ciphers. Recently, researchers have attempted to inhibit precision timing measurements by fuzzing the timestamp, through a time-warped mechanism. In this paper, we demonstrate that in spite of fuzzing time, timing attack are still possible.","PeriodicalId":141766,"journal":{"name":"Hardware and Architectural Support for Security and Privacy","volume":"105 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-06-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132657182","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Side-channels enable attackers to break a cipher by exploiting observable information from the cipher program's execution to infer its secret key. While some defenses have been proposed to protect information leakage due to certain side channels, the effectiveness of these defenses have mostly been given only qualitative analysis by their authors. It is desirable to have a general quantitative method and metric to evaluate a system's vulnerability to side-channel attacks.� In this paper, we define the features of a good side-channel leakage metric. We review a recently proposed metric called the Side-channel Vulnerability Factor (SVF) and discuss its merits and issues. We suggest the CSV metric, which tries to show how to overcome some of the shortcomings of the SVF metric, without completely changing its character. We use software cache side-channel attacks and defenses as an example to compare the metrics with known and measurable results on system leakiness.
{"title":"Side channel vulnerability metrics: the promise and the pitfalls","authors":"Tianwei Zhang, Fangfei Liu, Si Chen, R. Lee","doi":"10.1145/2487726.2487728","DOIUrl":"https://doi.org/10.1145/2487726.2487728","url":null,"abstract":"Side-channels enable attackers to break a cipher by exploiting observable information from the cipher program's execution to infer its secret key. While some defenses have been proposed to protect information leakage due to certain side channels, the effectiveness of these defenses have mostly been given only qualitative analysis by their authors. It is desirable to have a general quantitative method and metric to evaluate a system's vulnerability to side-channel attacks.\u0000 In this paper, we define the features of a good side-channel leakage metric. We review a recently proposed metric called the Side-channel Vulnerability Factor (SVF) and discuss its merits and issues. We suggest the CSV metric, which tries to show how to overcome some of the shortcomings of the SVF metric, without completely changing its character. We use software cache side-channel attacks and defenses as an example to compare the metrics with known and measurable results on system leakiness.","PeriodicalId":141766,"journal":{"name":"Hardware and Architectural Support for Security and Privacy","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-06-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129565516","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: