Side channel attacks exploit inadvertent information leakage from the physical implementation of computing systems, bypassing the theoretical strength of cryptographic algorithms. Of particular concern are software side-channel attacks which can be mounted remotely without access or alteration of the hardware system. One type of attack that has been demonstrated to be highly effective is cache timing attacks that exploit cache replacement policies to discern information about the data being processed. In this paper, we present a secure cache design that defeats software side-channel attacks targeted at hardware caches. The memory-to-cache mapping is dynamic and randomized by replacing the address decoder of a conventional cache with a CAM. We fabricated a prototype 32kB secure cache along with a conventional 8-way version for comparison on a 65nm bulk CMOS process. The prototype operates at 500 MHz, dissipating 117 mW at the nominal 1V VDD. Compared to the conventional design, the secure cache has an 10% area overhead, 20% power overhead at iso-performance.