CacheFX: A Framework for Evaluating Cache Security

Daniel Genkin, William Kosasih, Fangfei Liu, Anna Trikalinou, Thomas Unterluggauer, Y. Yarom
Proceedings of the 2023 ACM Asia Conference on Computer and Communications Security. Publication date: 2022-01-27. DOI: https://doi.org/10.1145/3579856.3595794
Citations: 8

Abstract

Over the last two decades, the danger of sharing resources between programs has been repeatedly highlighted. Multiple side-channel attacks, which seek to exploit shared components for leaking information, have been devised, mostly targeting shared caching components. In response, the research community has proposed multiple cache designs that aim at curbing the source of side channels. With multiple competing designs, there is a need for assessing the level of security against side-channel attacks that each design offers. Several metrics have been suggested for performing such evaluations. However, these tend to be limited both in terms of the potential adversaries they consider and in the applicability of the metric to real-world attacks, as opposed to attack techniques. Moreover, all existing metrics implicitly assume that a single metric can encompass the nuances of side-channel security. In this work we propose CacheFX, a flexible framework for assessing and evaluating the resilience of cache designs to side-channel attacks. CacheFX allows the evaluator to implement various cache designs, victims, and attackers, as well as to exercise them for assessing the leakage of information via the cache. To demonstrate the power of CacheFX, we implement multiple cache designs and replacement algorithms, and devise three evaluation metrics that measure different aspects of the caches: (1) the entropy induced by a memory access; (2) the complexity of building an eviction set; (3) protection against cryptographic attacks. Our experiments highlight that different security metrics give different insights to designs, making a comprehensive analysis mandatory. For instance, while eviction-set building was fastest for randomized skewed caches, these caches featured lower eviction entropy and higher practical attack complexity. Our experiments show that all non-partitioned designs allow for effective cryptographic attacks. However, in state-of-the-art secure caches, eviction-based attacks are more difficult to mount than occupancy-based attacks, highlighting the need to consider the latter in cache design.