On the Incomparability of Cache Algorithms in Terms of Timing Leakage

by   Pablo Cañones, et al.

Modern computer architectures rely on caches to reduce the latency gap between the CPU and main memory. While indispensable for performance, caches pose a serious threat to security because they leak information about memory access patterns of programs via execution time. In this paper, we present a novel approach for reasoning about the security of cache algorithms with respect to timing leaks. The basis of our approach is the notion of leak competitiveness, which compares the leakage of two cache algorithms on every possible program. Based on this notion, we prove the following two results: First, we show that leak competitiveness is symmetric in the cache algorithms. This implies that no cache algorithm dominates another in terms of leakage via a program's total execution time. This is in contrast to performance, where it is known that such dominance relationships exist. Second, when restricted to caches with finite control, the leak-competitiveness relationship between two cache algorithms is either asymptotically linear or constant. No other shapes are possible.



There are no comments yet.


page 1

page 2

page 3

page 4


SpecuSym: Speculative Symbolic Execution for Cache Timing Leak Detection

CPU cache is limited but crucial storage on modern processor whereas the...

Parametric Timed Model Checking for Guaranteeing Timed Opacity

Information leakage can have dramatic consequences on systems security. ...

Analysing Flow Security Properties in Virtualised Computing Systems

This paper studies the problem of reasoning about flow security properti...

MuonTrap: Preventing Cross-Domain Spectre-Like Attacks by Capturing Speculative State

The disclosure of the Spectre speculative-execution attacks in January 2...

Locality-based Graph Reordering for Processing Speed-Ups and Impact of Diameter

Graph analysis involves a high number of random memory access patterns. ...

Output-sensitive Information flow analysis

Constant-time programming is a countermeasure to prevent cache based att...

CANAL: A Cache Timing Analysis Framework via LLVM Transformation

A unified modeling framework for non-functional properties of a program ...
This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.