A novel cache architecture with enhanced performance and security

Wang, Zhenghong; Lee, Ruby B.

doi:10.1109/micro.2008.4771781

Cited by 112 publications

(20 citation statements)

References 19 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…For attacks involving a different execution context, we need to make sure that the entries in the GhB belonging to different contexts are isolated. Previous works [10,11,15,18,20,21,26,27,30,36,37] have already identified solutions to achieve this in regular caches, but given the special characteristics of the GhB, we propose the following:…”

Section: Different Executionmentioning

confidence: 99%

“…This is not an attractive solution for general-purpose computing, as speculative execution offers substantial performance benefits. (2) Speculate but obfuscate microarchitectural changes so that an attacker cannot discern microarchitectural changes due to speculation [35][36][37]. (3) Speculate but do not change microarchitectural state until the speculation can be resolved.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Ghost loads

Sakalis

Alipour

Ros

et al. 2019

Proceedings of the 16th ACM International Conference on Computing Frontiers

View full text Add to dashboard Cite

Speculative execution is necessary for achieving high performance on modern general-purpose CPUs but, starting with Spectre and Meltdown, it has also been proven to cause severe security flaws. In case of a misspeculation, the architectural state is restored to assure functional correctness but a multitude of microarchitectural changes (e.g., cache updates), caused by the speculatively executed instructions, are commonly left in the system. These changes can be used to leak sensitive information, which has led to a frantic search for solutions that can eliminate such security flaws. The contribution of this work is an evaluation of the cost of hiding speculative side-effects in the cache hierarchy, making them visible only after the speculation has been resolved. For this, we compare (for the first time) two broad approaches: i) waiting for loads to become non-speculative before issuing them to the memory system, and ii) eliminating the side-effects of speculation, a solution consisting of invisible loads (Ghost loads) and performance optimizations (Ghost Buffer and Materialization). While previous work, InvisiSpec, has proposed a similar solution to our latter approach, it has done so with only a minimal evaluation and at a significant performance cost. The detailed evaluation of our solutions shows that: i) waiting for loads to become non-speculative is no more costly than the previously proposed InvisiSpec solution, albeit much simpler, non-invasive in the memory system, and stronger security-wise; ii) hiding speculation with Ghost loads (in the context of a relaxed memory model) can be achieved at the cost of 12% performance degradation and 9% energy increase, which is significantly better that the previous state-of-the-art solution.

show abstract

Section: Different Executionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Ghost loads

Sakalis

Alipour

Ros

et al. 2019

Proceedings of the 16th ACM International Conference on Computing Frontiers

View full text Add to dashboard Cite

show abstract

“…Such a method is good to protect specific application, but would not be widely applied since each target application needs to be modified. Another type of random permutation is randomizing the mapping from machine address to cache sets [9,10,22], thus making information inferred from cache operations cannot reveal the memory access pattern of the victim. However, all current works of this type requires new design of hardware, leading to bad compatibility with current cloud platforms.…”

Section: Defense Against Cache-based Side Channelsmentioning

confidence: 99%

“…Accordingly, there are a large number of solutions proposed for defending against cache-based side-channel attacks. Most of them can be divided into two types: one requires modifying the hardware [9] [10], which imposes bad compatibility with current platform; the other needs to alter systems [11] [12] or vulnerable applications [13,14,15], which is too specific and cannot be applied widely. There are also some defense methods proposed for VMM layer [16,17,18,19,20], which might influence the operation of normal applications [16], or would only defend against a portion of cache attacks [17], or greatly reduce benefits of cache sharing [18] [19], or would bring too much overhead [20].…”

Section: Introductionmentioning

confidence: 99%

CacheSCDefender: VMM-based Comprehensive Framework against Cache-based Side-channel Attacks

Yang¹,

Guo²,

Hu³

et al. 2018

KSII TIIS

View full text Add to dashboard Cite

Cache-based side-channel attacks have achieved more attention along with the development of cloud computing technologies. However, current host-based mitigation methods either provide bad compatibility with current cloud infrastructure, or turn out too application-specific. Besides, they are defending blindly without any knowledge of ongoing attacks. In this work, we present CacheSCDefender, a framework that provides a (Virtual Machine Monitor) VMM-based comprehensive defense framework against all levels of cache attacks. In designing CacheSCDefender, we make three key contributions: (1) an attack-aware framework combining our novel dynamic remapping and traditional cache cleansing, which provides a comprehensive defense against all three cases of cache attacks that we identify in this paper; (2) a new defense method called dynamic remapping which is a developed version of random permutation and is able to deal with two cases of cache attacks; (3) formalization and quantification of security improvement and performance overhead of our defense, which can be applicable to other defense methods. We show that CacheSCDefender is practical for deployment in normal virtualized environment, while providing favorable security guarantee for virtual machines.

show abstract

“…Another cache architecture is proposed in [Wang and Lee 2008] to reduce cache miss rate, to overcome access-time overhead and to thwart information leakage. They have used a security-aware cache replacement algorithm to thwart information leakage.…”

Section: Main Attributesmentioning

confidence: 99%

A Survey of Timing Channels and Countermeasures

2017

View full text Add to dashboard Cite

A timing channel is a communication channel that can transfer information to a receiver/decoder by modulating the timing behavior of an agent. Examples of this agent include the inter-packet delays of a packet stream, reordering packets in a packet stream or resource access time of a cryptographic module. The advances in information theory and the availability of high performance computing systems interconnected by high speed networks, have spurred interest and development of various types of timing channels. With the emergence of complex timing channels, novel detection and prevention techniques are also being developed to counter them. In this paper we provide a detailed survey of timing channels broadly categorized into network timing channel in which communicating entities are connected by a network and in-system timing channel in which the communicating entities are within a computing system. This survey builds upon the last comprehensive survey by [Zander et al. 2007] and considers all the three canonical applications of timing channels namely, covert communication, timing side-channel, and network flow watermarking. We survey the theoretical foundations, the implementation, and the various detection and prevention techniques that have been reported in the literature. Based on the analysis of the current literature we articulate potential future research directions both in the design and applications of timing channels and their detection and prevention techniques.

show abstract

A novel cache architecture with enhanced performance and security

Cited by 112 publications

References 19 publications

Ghost loads

Ghost loads

CacheSCDefender: VMM-based Comprehensive Framework against Cache-based Side-channel Attacks

A Survey of Timing Channels and Countermeasures

Contact Info

Product

Resources

About