Covert and side channels due to processor architecture

Zhenghong Wang, Ruby B. Lee

Research output: Chapter in Book/Report/Conference proceedingConference contribution

153 Scopus citations

Abstract

Information leakage through covert channels and side channels is becoming a serious problem, especially when these are enhanced by modern processor architecture features. We show how processor architecture features such as simultaneous multithreading, control speculation and shared caches can inadvertently accelerate such covert channels or enable new covert channels and side channels. We first illustrate the reality and severity of this problem by describing concrete attacks. We identify two new covert channels. We show orders of magnitude increases in covert channel capacities. We then present two solutions, Selective Partitioning and the novel Random Permutation Cache (RPCache). The RPCache can thwart most cache-based software side channel attacks, with minimal hardware costs and negligible performance impact.

Original languageEnglish (US)
Title of host publicationProceedings - Annual Computer Security Applications Conference, ACSAC
Pages473-482
Number of pages10
DOIs
StatePublished - Dec 1 2006
Event22nd Annual Computer Security Applications Conference, ACSAC 2006 - Miami Beach, FL, United States
Duration: Dec 11 2006Dec 15 2006

Publication series

NameProceedings - Annual Computer Security Applications Conference, ACSAC
ISSN (Print)1063-9527

Other

Other22nd Annual Computer Security Applications Conference, ACSAC 2006
CountryUnited States
CityMiami Beach, FL
Period12/11/0612/15/06

All Science Journal Classification (ASJC) codes

  • Software
  • Engineering(all)

Fingerprint Dive into the research topics of 'Covert and side channels due to processor architecture'. Together they form a unique fingerprint.

  • Cite this

    Wang, Z., & Lee, R. B. (2006). Covert and side channels due to processor architecture. In Proceedings - Annual Computer Security Applications Conference, ACSAC (pp. 473-482). [4041191] (Proceedings - Annual Computer Security Applications Conference, ACSAC). https://doi.org/10.1109/ACSAC.2006.20