TY - GEN
T1 - A 32kB secure cache memory with dynamic replacement mapping in 65nm bulk CMOS
AU - Erbagci, Burak
AU - Liu, Fangfei
AU - Cakir, Cagla
AU - Akkaya, Nail Etkin Can
AU - Lee, Ruby
AU - Mai, Ken
N1 - Publisher Copyright:
© 2015 IEEE.
PY - 2016/1/19
Y1 - 2016/1/19
N2 - Side channel attacks exploit inadvertent information leakage from the physical implementation of computing systems, bypassing the theoretical strength of cryptographic algorithms. Of particular concern are software side-channel attacks which can be mounted remotely without access or alteration of the hardware system. One type of attack that has been demonstrated to be highly effective is cache timing attacks that exploit cache replacement policies to discern information about the data being processed. In this paper, we present a secure cache design that defeats software side-channel attacks targeted at hardware caches. The memory-to-cache mapping is dynamic and randomized by replacing the address decoder of a conventional cache with a CAM. We fabricated a prototype 32kB secure cache along with a conventional 8-way version for comparison on a 65nm bulk CMOS process. The prototype operates at 500 MHz, dissipating 117 mW at the nominal 1V VDD. Compared to the conventional design, the secure cache has an 10% area overhead, 20% power overhead at iso-performance.
AB - Side channel attacks exploit inadvertent information leakage from the physical implementation of computing systems, bypassing the theoretical strength of cryptographic algorithms. Of particular concern are software side-channel attacks which can be mounted remotely without access or alteration of the hardware system. One type of attack that has been demonstrated to be highly effective is cache timing attacks that exploit cache replacement policies to discern information about the data being processed. In this paper, we present a secure cache design that defeats software side-channel attacks targeted at hardware caches. The memory-to-cache mapping is dynamic and randomized by replacing the address decoder of a conventional cache with a CAM. We fabricated a prototype 32kB secure cache along with a conventional 8-way version for comparison on a 65nm bulk CMOS process. The prototype operates at 500 MHz, dissipating 117 mW at the nominal 1V VDD. Compared to the conventional design, the secure cache has an 10% area overhead, 20% power overhead at iso-performance.
UR - http://www.scopus.com/inward/record.url?scp=84963830442&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84963830442&partnerID=8YFLogxK
U2 - 10.1109/ASSCC.2015.7387501
DO - 10.1109/ASSCC.2015.7387501
M3 - Conference contribution
AN - SCOPUS:84963830442
T3 - 2015 IEEE Asian Solid-State Circuits Conference, A-SSCC 2015 - Proceedings
BT - 2015 IEEE Asian Solid-State Circuits Conference, A-SSCC 2015 - Proceedings
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 11th IEEE Asian Solid-State Circuits Conference, A-SSCC 2015
Y2 - 9 November 2015 through 11 November 2015
ER -