Visible to the public Secure Hierarchy-Aware Cache Replacement Policy (SHARP): Defending Against Cache-Based Side Channel Atacks

TitleSecure Hierarchy-Aware Cache Replacement Policy (SHARP): Defending Against Cache-Based Side Channel Atacks
Publication TypeConference Paper
Year of Publication2017
AuthorsYan, Mengjia, Gopireddy, Bhargava, Shull, Thomas, Torrellas, Josep
Conference NameProceedings of the 44th Annual International Symposium on Computer Architecture
PublisherACM
Conference LocationNew York, NY, USA
ISBN Number978-1-4503-4892-8
Keywordscache, Cache replacement, Metrics, Multicore Computing, multicore computing security, pubcrawl, resilience, Resiliency, Scalability, security, Side channel
AbstractIn cache-based side channel attacks, a spy that shares a cache with a victim probes cache locations to extract information on the victim's access patterns. For example, in evict+reload, the spy repeatedly evicts and then reloads a probe address, checking if the victim has accessed the address in between the two operations. While there are many proposals to combat these cache attacks, they all have limitations: they either hurt performance, require programmer intervention, or can only defend against some types of attacks. This paper makes the following observation for an environment with an inclusive cache hierarchy: when the spy evicts the probe address from the shared cache, the address will also be evicted from the private cache of the victim process, creating an inclusion victim. Consequently, to disable cache attacks, this paper proposes to alter the line replacement algorithm of the shared cache, to prevent a process from creating inclusion victims in the caches of cores running other processes. By enforcing this rule, the spy cannot evict the probe address from the shared cache and, hence, cannot glimpse any information on the victim's access patterns. We call our proposal SHARP (Secure Hierarchy-Aware cache Replacement Policy). SHARP efficiently defends against all existing cross-core shared-cache attacks, needs only minimal hardware modifications, and requires no code modifications. We implement SHARP in a cycle-level full-system simulator. We show that it protects against real-world attacks, and that it introduces negligible average performance degradation.
URLhttp://doi.acm.org/10.1145/3079856.3080222
DOI10.1145/3079856.3080222
Citation Keyyan_secure_2017