How Sharp is SHARP ?

Cross-core last-level cache based side-channel attacks are becoming practical, affecting all forms of computing devices like mobiles, desktops, servers, and cloud based systems. Mitigating last-level cache based side channel attacks has become an active area of research and many proposals target to mitigate cross-core based conflict attacks. Secure Cache Hierarchy Aware Replacement Policy (SHARP) is one of the recent proposals that mitigate the conflict attacks by changing the underlying last-level cache replacement policy. Though SHARP is an elegant proposal; there are many subtle points, which were not part of the original SHARP proposal that appeared in the ISCA ’17. Through this paper, we discuss and debate the subtle issues that are left unanswered in the original SHARP paper.

[1]  Yuval Yarom,et al.  FLUSH+RELOAD: A High Resolution, Low Noise, L3 Cache Side-Channel Attack , 2014, USENIX Security Symposium.

[2]  Ruby B. Lee,et al.  How secure is your cache against side-channel attacks? , 2017, 2017 50th Annual IEEE/ACM International Symposium on Microarchitecture (MICRO).

[3]  Adi Shamir,et al.  Cache Attacks and Countermeasures: The Case of AES , 2006, CT-RSA.

[4]  Ruby B. Lee,et al.  New cache designs for thwarting software cache-based side channel attacks , 2007, ISCA '07.

[5]  Stefan Mangard,et al.  Cache Template Attacks: Automating Attacks on Inclusive Last-Level Caches , 2015, USENIX Security Symposium.

[6]  Ruby B. Lee,et al.  Random Fill Cache Architecture , 2014, 2014 47th Annual IEEE/ACM International Symposium on Microarchitecture.

[7]  Simha Sethumadhavan,et al.  TimeWarp: Rethinking timekeeping and performance monitoring mechanisms to mitigate side-channel attacks , 2012, 2012 39th Annual International Symposium on Computer Architecture (ISCA).

[8]  Colin Percival CACHE MISSING FOR FUN AND PROFIT , 2005 .

[9]  Andrew Ferraiuolo,et al.  SecDCP: Secure dynamic cache partitioning for efficient timing channel protection , 2016, 2016 53nd ACM/EDAC/IEEE Design Automation Conference (DAC).

[10]  Gernot Heiser,et al.  CATalyst: Defeating last-level cache side channel attacks in cloud computing , 2016, 2016 IEEE International Symposium on High Performance Computer Architecture (HPCA).

[11]  Gorka Irazoqui Apecechea,et al.  S$A: A Shared Cache Attack That Works across Cores and Defies VM Sandboxing -- and Its Application to AES , 2015, 2015 IEEE Symposium on Security and Privacy.

[12]  Aamer Jaleel,et al.  High performance cache replacement using re-reference interval prediction (RRIP) , 2010, ISCA.

[13]  Michael K. Reiter,et al.  A Software Approach to Defeating Side Channels in Last-Level Caches , 2016, CCS.

[14]  Josep Torrellas,et al.  Secure hierarchy-aware cache replacement policy (SHARP): Defending against cache-based side channel attacks , 2017, 2017 ACM/IEEE 44th Annual International Symposium on Computer Architecture (ISCA).

[15]  Gernot Heiser,et al.  Last-Level Cache Side-Channel Attacks are Practical , 2015, 2015 IEEE Symposium on Security and Privacy.

[16]  HASP 2013, The Second Workshop on Hardware and Architectural Support for Security and Privacy, Tel-Aviv, Israel, June 23-24, 2013 , 2013, HASP@ISCA.

[17]  Klaus Wagner,et al.  Flush+Flush: A Fast and Stealthy Cache Attack , 2015, DIMVA.