New cache designs for thwarting software cache-based side channel attacks

Zhenghong Wang, Ruby Bei-Loh Lee

Research output: Chapter in Book/Report/Conference proceedingConference contribution

278 Scopus citations

Abstract

Software cache-based side channel attacks are a serious new class of threats for computers. Unlike physical side channel attacks that mostly target embedded cryptographic devices, cache-based side channel attacks can also undermine general purpose systems. The attacks are easy to perform, effective on most platforms, and do not require special instruments or excessive computation power. In recently demonstrated attacks on software implementations of ciphers like AES and RSA, the full key can be recovered by an unprivileged user program performing simple timing measurements based on cache misses. We first analyze these attacks, identifying cache interference as the root cause of these attacks. We identify two basic mitigation approaches: the partition-based approach eliminates cache interference whereas the randomization-based approach randomizes cache interference so that zero information can be inferred. We present new security-aware cache designs, the Partition-Locked cache (PLcache) and Random Permutation cache (RPcache), analyze and prove their security, and evaluate their performance. Our results show that our new cache designs with built-in security can defend against cache-based side channel attacks in general-rather than only specific attacks on a given cryptographic algorithm-with very little performance degradation and hardware cost.

Original languageEnglish (US)
Title of host publicationISCA'07
Subtitle of host publication34th Annual International Symposium on Computer Architecture, Conference Proceedings
Pages494-505
Number of pages12
DOIs
StatePublished - Oct 22 2007
EventISCA'07: 34th Annual International Symposium on Computer Architecture - San Diego, CA, United States
Duration: Jun 9 2007Jun 13 2007

Publication series

NameProceedings - International Symposium on Computer Architecture
ISSN (Print)1063-6897

Other

OtherISCA'07: 34th Annual International Symposium on Computer Architecture
CountryUnited States
CitySan Diego, CA
Period6/9/076/13/07

All Science Journal Classification (ASJC) codes

  • Engineering(all)

Keywords

  • Cache
  • Computer architecture
  • Processor
  • Security
  • Side channel
  • Timing attacks

Fingerprint Dive into the research topics of 'New cache designs for thwarting software cache-based side channel attacks'. Together they form a unique fingerprint.

Cite this