Eliminating cache-based timing attacks with instruction-based scheduling

Deian Stefan, Pablo Buiras, Edward Z. Yang, Amit Levy, David Terei, Alejandro Russo, David Mazières

Research output: Chapter in Book/Report/Conference proceedingConference contribution

43 Scopus citations

Abstract

Information flow control allows untrusted code to access sensitive and trustworthy information without leaking this information. However, the presence of covert channels subverts this security mechanism, allowing processes to communicate information in violation of IFC policies. In this paper, we show that concurrent deterministic IFC systems that use time-based scheduling are vulnerable to a cache-based internal timing channel. We demonstrate this vulnerability with a concrete attack on Hails, one particular IFC web framework. To eliminate this internal timing channel, we implement instruction-based scheduling, a new kind of scheduler that is indifferent to timing perturbations from underlying hardware components, such as the cache, TLB, and CPU buses. We show this scheduler is secure against cache-based internal timing attacks for applications using a single CPU. To show the feasibility of instruction-based scheduling, we have implemented a version of Hails that uses the CPU retired-instruction counters available on commodity Intel and AMD hardware. We show that instruction-based scheduling does not impose significant performance penalties. Additionally, we formally prove that our modifications to Hails' underlying IFC system preserve non-interference in the presence of caches.

Original languageEnglish (US)
Title of host publicationComputer Security, ESORICS 2013 - 18th European Symposium on Research in Computer Security, Proceedings
Pages718-735
Number of pages18
DOIs
StatePublished - 2013
Externally publishedYes
Event18th European Symposium on Research in Computer Security, ESORICS 2013 - Egham, United Kingdom
Duration: Sep 9 2013Sep 13 2013

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume8134 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Other

Other18th European Symposium on Research in Computer Security, ESORICS 2013
Country/TerritoryUnited Kingdom
CityEgham
Period9/9/139/13/13

All Science Journal Classification (ASJC) codes

  • Theoretical Computer Science
  • General Computer Science

Fingerprint

Dive into the research topics of 'Eliminating cache-based timing attacks with instruction-based scheduling'. Together they form a unique fingerprint.

Cite this