Randomized Last-Level Caches Are Still Vulnerable to Cache Side-Channel Attacks! But We Can Fix It

08/05/2020
by   Wei Song, et al.
0

Cache randomization has recently been revived as a promising defense against conflict-based cache side-channel attacks. As two of the latest implementations, CEASER-S and ScatterCache both claim to thwart conflict-based cache side-channel attacks using randomized skewed caches. Unfortunately, our experiments show that an attacker can easily find a usable eviction set within the chosen remap period of CEASER-S and increasing the number of partitions without dynamic remapping, such as ScatterCache, cannot eliminate the threat. By quantitatively analyzing the access patterns left by various attacks in the LLC, we have newly discovered several problems with the hypotheses and implementations of randomized caches, which are also overlooked by the research on conflict-based cache side-channel attack. However, cache randomization is not a false hope and it is an effective defense that should be widely adopted in future processors. The newly discovered problems are corresponding to flaws associated with the existing implementation of cache randomization and are fixable. Several new defense techniques are proposed in this paper. our experiments show that all the newly discovered vulnerabilities of existing randomized caches are fixed within the current performance budget. We also argue that randomized set-associative caches can be sufficiently strengthened and possess a better chance to be actually adopted in commercial processors than their skewed counterparts as they introduce less overhaul to the existing cache structure.

READ FULL TEXT

page 1

page 10

page 11

research
11/11/2022

Remapped Cache Layout: Thwarting Cache-Based Side-Channel Attacks with a Hardware Defense

As cache-based side-channel attacks become serious security problems, va...
research
03/28/2023

The Mirage of Breaking MIRAGE: Refuting the HPCA-2023 Paper "Are Randomized Caches Truly Random?"

The HPCA-2023 paper "Are Randomized Caches Truly Random?" makes the clai...
research
09/26/2019

New Attacks and Defenses for Randomized Caches

The last level cache is vulnerable to timing based side channel attacks ...
research
09/18/2020

MIRAGE: Mitigating Conflict-Based Cache Attacks with a Practical Fully-Associative Design

Shared caches in processors are vulnerable to conflict-based side-channe...
research
04/08/2021

Adversarial Learning Inspired Emerging Side-Channel Attacks and Defenses

Evolving attacks on the vulnerabilities of the computing systems demand ...
research
11/19/2019

A Benchmark Suite for Evaluating Caches' Vulnerability to Timing Attacks

Timing-based side or covert channels in processor caches continue to pre...
research
04/03/2023

A short note on the paper `Are Randomized Caches Really Random?'

In this paper, we analyse the results and claims presented in the paper ...

Please sign up or login with your details

Forgot password? Click here to reset