Newcache: Secure Cache Architecture Thwarting Cache Side-Channel Attacks

Fangfei Liu, Hao Wu, Kenneth Mai, Ruby B. Lee

Research output: Contribution to journalArticlepeer-review

83 Scopus citations

Abstract

Newcache is a secure cache that can thwart cache side-channel attacks to prevent the leakage of secret information. All caches today are susceptible to cache side-channel attacks, despite software isolation of memory pages in virtual address spaces or virtual machines. These cache attacks can leak secret encryption keys or private identity keys, nullifying any protection provided by strong cryptography. Newcache uses a novel dynamic, randomized memory-to-cache mapping to thwart contention-based side-channel attacks, rather than the static mapping used by conventional set-associative caches. In this article, the authors present an improved design of Newcache, in terms of security, circuit design and simplicity. They show Newcache's security against a suite of cache side-channel attacks. They evaluate Newcache's system performance for cloud computing, smartphone, and SPEC benchmarks and find that Newcache performs as well as conventional set-associative caches, and sometimes better. They also designed a VLSI test chip with a 32-Kbyte Newcache and a 32-Kbyte, eight-way, set-associative cache and verified that the access latency, power, and area of the two caches are comparable. These results show that Newcache can be used as L1 data and instruction caches to improve security without impacting performance.

Original languageEnglish (US)
Article number7723806
Pages (from-to)8-16
Number of pages9
JournalIEEE Micro
Volume36
Issue number5
DOIs
StatePublished - Sep 1 2016

All Science Journal Classification (ASJC) codes

  • Software
  • Hardware and Architecture
  • Electrical and Electronic Engineering

Keywords

  • CAM
  • Newcache
  • cache
  • hardware design
  • information security
  • memory
  • moving target defense
  • randomized mapping
  • set-associative cache
  • side-channel attack

Fingerprint

Dive into the research topics of 'Newcache: Secure Cache Architecture Thwarting Cache Side-Channel Attacks'. Together they form a unique fingerprint.

Cite this