PhantomCache: Obfuscating Cache Conflicts with Localized Randomization

Cache conflicts due to deterministic memory-tocache mapping have long been exploited to leak sensitive information such as secret keys. While randomized mapping is fully investigated for L1 caches, it still remains unresolved about how to secure a much larger last-level cache (LLC). Recent solutions periodically change the mapping strategy to disrupt the crafting of conflicted addresses, which is a critical attack procedure to exploit cache conflicts. Remapping, however, increases both miss rate and access latency. We present PhantomCache for securing an LLC with remapping-free randomized mapping. We propose a localized randomization technique to bound randomized mapping of a memory address within only a limited number of cache sets. The small randomization space offers fast set search over an LLC in a memory access. The intrinsic randomness still suffices to obfuscate conflicts and disrupt efficient exploitation of conflicted addresses. We evaluate PhantomCache against an attacker exploring the state-of-the-art attack with linear-complexity. To secure an 8-bank 16 MB 16-way LLC, PhantomCache confines randomization space of an address within 8 sets and brings only 1.20% performance degradation on individual benchmarks, 0.50% performance degradation on mixed workloads, and 0.50% storage overhead per cache line, which are 2x and 9x more efficient than the state-of-the-art solutions. Moreover, PhantomCache is solely an architectural solution and requires no software change.

[1]  Daniel J. Bernstein,et al.  Cache-timing attacks on AES , 2005 .

[2]  Benedikt Heinz,et al.  A Cache Timing Attack on AES in Virtualization Environments , 2012, Financial Cryptography.

[3]  Ruby B. Lee,et al.  A novel cache architecture with enhanced performance and security , 2008, 2008 41st IEEE/ACM International Symposium on Microarchitecture.

[4]  Joan Daemen,et al.  AES Proposal : Rijndael , 1998 .

[5]  Gernot Heiser,et al.  CATalyst: Defeating last-level cache side channel attacks in cloud computing , 2016, 2016 IEEE International Symposium on High Performance Computer Architecture (HPCA).

[6]  Michael M. Swift,et al.  Scheduler-based Defenses against Cross-VM Side-channels , 2014, USENIX Security Symposium.

[7]  Josep Torrellas,et al.  ReplayConfusion: Detecting cache-based covert channel attacks using record and replay , 2016, 2016 49th Annual IEEE/ACM International Symposium on Microarchitecture (MICRO).

[8]  Yuval Yarom,et al.  FLUSH+RELOAD: A High Resolution, Low Noise, L3 Cache Side-Channel Attack , 2014, USENIX Security Symposium.

[9]  Ruby B. Lee,et al.  Random Fill Cache Architecture , 2014, 2014 47th Annual IEEE/ACM International Symposium on Microarchitecture.

[10]  Moinuddin K. Qureshi New Attacks and Defense for Encrypted-Address Cache , 2019, 2019 ACM/IEEE 46th Annual International Symposium on Computer Architecture (ISCA).

[11]  Dipika Deb,et al.  Cache capacity and its effects on power consumption for tiled chip multi-processors , 2014, 2014 International Conference on Electronics and Communication Systems (ICECS).

[12]  Stefan Mangard,et al.  Cache Template Attacks: Automating Attacks on Inclusive Last-Level Caches , 2015, USENIX Security Symposium.

[13]  P. P. Deepthi,et al.  Design, implementation and analysis of hardware efficient stream ciphers using LFSR based hash functions , 2009, Comput. Secur..

[14]  Simha Sethumadhavan,et al.  TimeWarp: Rethinking timekeeping and performance monitoring mechanisms to mitigate side-channel attacks , 2012, 2012 39th Annual International Symposium on Computer Architecture (ISCA).

[15]  Pepe Vila,et al.  Theory and Practice of Finding Eviction Sets , 2018, 2019 IEEE Symposium on Security and Privacy (SP).

[16]  Kay Römer,et al.  Hello from the Other Side: SSH over Robust Cache Covert Channels in the Cloud , 2017, NDSS.

[17]  Hugo Krawczyk,et al.  LFSR-based Hashing and Authentication , 1994, CRYPTO.

[18]  Daniel Gruss,et al.  Strong and Efficient Cache Side-Channel Protection using Hardware Transactional Memory , 2017, USENIX Security Symposium.

[19]  Guru Venkataramani,et al.  CC-Hunter: Uncovering Covert Timing Channels on Shared Processor Hardware , 2014, 2014 47th Annual IEEE/ACM International Symposium on Microarchitecture.

[20]  Andreas Haeberlen,et al.  Detecting Covert Timing Channels with Time-Deterministic Replay , 2014, OSDI.

[21]  Tom Feist,et al.  Vivado Design Suite , 2012 .

[22]  Hovav Shacham,et al.  Eliminating fine grained timers in Xen , 2011, CCSW '11.

[23]  Gorka Irazoqui Apecechea,et al.  Cross Processor Cache Attacks , 2016, IACR Cryptol. ePrint Arch..

[24]  Peter Damaschke Threshold Group Testing , 2005, Electron. Notes Discret. Math..

[25]  Trevor Mudge,et al.  Performance optimization of pipelined primary cache , 1992, ISCA '92.

[26]  Tanja Lange,et al.  The Security Impact of a New Cryptographic Library , 2012, LATINCRYPT.

[27]  Gernot Heiser,et al.  Last-Level Cache Side-Channel Attacks are Practical , 2015, 2015 IEEE Symposium on Security and Privacy.

[28]  Andrey Bogdanov,et al.  Exploring Energy Efficiency of Lightweight Block Ciphers , 2015, IACR Cryptol. ePrint Arch..

[29]  Angelos D. Keromytis,et al.  The Spy in the Sandbox: Practical Cache Attacks in JavaScript and their Implications , 2015, CCS.

[30]  Stefan Mangard,et al.  ARMageddon: Cache Attacks on Mobile Devices , 2015, USENIX Security Symposium.

[31]  Milos Doroslovacki,et al.  Prefetch-guard: Leveraging hardware prefetches to defend against cache timing channels , 2018, 2018 IEEE International Symposium on Hardware Oriented Security and Trust (HOST).

[32]  Ruby B. Lee,et al.  How secure is your cache against side-channel attacks? , 2017, 2017 50th Annual IEEE/ACM International Symposium on Microarchitecture (MICRO).

[33]  Moinuddin K. Qureshi CEASER: Mitigating Conflict-Based Cache Attacks via Encrypted-Address and Remapping , 2018, 2018 51st Annual IEEE/ACM International Symposium on Microarchitecture (MICRO).

[34]  Norman P. Jouppi,et al.  CACTI 6.0: A Tool to Model Large Caches , 2009 .

[35]  Ruby B. Lee,et al.  New cache designs for thwarting software cache-based side channel attacks , 2007, ISCA '07.

[36]  Mario Werner,et al.  ScatterCache: Thwarting Cache Attacks via Cache Set Randomization , 2019, USENIX Security Symposium.

[37]  Andrew Ferraiuolo,et al.  SecDCP: Secure dynamic cache partitioning for efficient timing channel protection , 2016, 2016 53nd ACM/EDAC/IEEE Design Automation Conference (DAC).

[38]  Brad Calder,et al.  SimPoint 3.0: Faster and More Flexible Program Phase Analysis , 2005, J. Instr. Level Parallelism.

[39]  Hao Wu,et al.  Newcache: Secure Cache Architecture Thwarting Cache Side-Channel Attacks , 2016, IEEE Micro.

[40]  Yen-Chen Liu,et al.  Knights Landing: Second-Generation Intel Xeon Phi Product , 2016, IEEE Micro.

[41]  Nicolas Le Scouarnec,et al.  Reverse Engineering Intel Last-Level Cache Complex Addressing Using Performance Counters , 2015, RAID.

[42]  Harish Patil,et al.  Pin: building customized program analysis tools with dynamic instrumentation , 2005, PLDI '05.

[43]  André Seznec,et al.  A case for two-way skewed-associative caches , 1993, ISCA '93.