TimeWarp: Rethinking timekeeping and performance monitoring mechanisms to mitigate side-channel attacks

[], Martin; Demme,; Sethumadhavan,

doi:10.1109/isca.2012.6237011

Cited by 75 publications

(59 citation statements)

References 19 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…First, using ideas similar to those presented in [2] and [20], we split program execution into coarse-grain time epochs. Second, we architect the secure processor with learning mechanisms that choose a new ORAM rate out of a set of allowed rates only at the end of each epoch.…”

Section: An Overview Of Our Proposalmentioning

confidence: 99%

“…If the adversary and secure processor share main memory (e.g., a DRAM DIMM), a straightforward way to measure ORAM access frequency is for the adversary to measure its own average DRAM access latency (e.g., use performance counters to measure resource contention [20,35]). …”

Section: Measuring Path Oram Timingmentioning

confidence: 99%

“…We cannot list all relevant articles, but two related papers are Time Warp [20] and Wang et al [35]. Time Warp also uses epochs to fuzz architectural mechanisms (e.g., the RDTSC instruction) and, using statistical arguments, decrease timing leakage.…”

Section: Foundational Workmentioning

confidence: 99%

See 2 more Smart Citations

Suppressing the Oblivious RAM timing channel while making information leakage and program efficiency trade-offs

Fletchery

Ren

et al. 2014

2014 IEEE 20th International Symposium on High Performance Computer Architecture (HPCA)

View full text Add to dashboard Cite

Oblivious RAM (ORAM) is an established cryptographic technique to hide a program's address pattern to an untrusted storage system. More recently, ORAM schemes have been proposed to replace conventional memory controllers in secure processor settings to protect against information leakage in external memory and the processor I/O bus.A serious problem in current secure processor ORAM proposals is that they don't obfuscate when ORAM accesses are made, or do so in a very conservative manner. Since secure processors make ORAM accesses on last-level cache misses, ORAM access timing strongly correlates to program access pattern (e.g., locality). This brings ORAM's purpose in secure processors into question. This paper makes two contributions. First, we show how a secure processor can bound ORAM timing channel leakage to a user-controllable leakage limit. The secure processor is allowed to dynamically optimize ORAM access rate for power/performance, subject to the constraint that the leakage limit is not violated. Second, we show how changing the leakage limit impacts program efficiency.We present a dynamic scheme that leaks at most 32 bits through the ORAM timing channel and introduces only 20% performance overhead and 12% power overhead relative to a baseline ORAM that has no timing channel protection. By reducing leakage to 16 bits, our scheme degrades in performance by 5% but gains in power efficiency by 3%. We show that a static (zero leakage) scheme imposes a 34% power overhead for equivalent performance (or a 30% performance overhead for equivalent power) relative to our dynamic scheme.

show abstract

Section: An Overview Of Our Proposalmentioning

confidence: 99%

Section: Measuring Path Oram Timingmentioning

confidence: 99%

See 1 more Smart Citation

Suppressing the Oblivious RAM timing channel while making information leakage and program efficiency trade-offs

Fletchery

Ren

et al. 2014

2014 IEEE 20th International Symposium on High Performance Computer Architecture (HPCA)

View full text Add to dashboard Cite

show abstract

“…Papers such as [37] discussed mitigating side-channel attacks in different environments. This paper proposed a general mitigation strategy that focuses on the infrastructure used to measure side channel leaks rather than the source of leaks.…”

Section: Side-channel Attacksmentioning

confidence: 99%

Securing the Cloud: Threats, Attacks and Mitigation Techniques

Alani

2014

JACST

View full text Add to dashboard Cite

This paper is aimed to present information about the most current threats and attacks on cloud computing, as well as security measures. The paper discusses threats and attacks that are most effective on cloud computing such as data breach, data loss, service traffic hijacking..etc. The severity and effect of these attacks are discussed along with real-life examples of these attacks. The paper also suggests mitigation techniques that can be used to reduce or eliminate the risk of the threats discussed. In addition, general cloud security recommendations are given.

show abstract

“…Note that techniques such as cache partitioning can isolate the cache activity of one thread from another, but it does not eliminate the memory timing channels, i.e., memory latencies of one thread are impacted by the cache miss rate of the co-scheduled thread. Martin et al [13] thwart timing channel attacks by limiting a user's ability to take fine-grained timing measurements. Saltaformaggio et al [22] identify potential attacks because of atomic instructions that can lock up the entire memory system; they develop solutions that require hypervisor extensions.…”

Section: Related Workmentioning

confidence: 99%

Memory bandwidth reservation in the cloud to avoid information leakage in the memory controller

Gundu

Sreekumar

Shafiee

et al. 2014

Proceedings of the Third Workshop on Hardware and Architectural Support for Security and Privacy

View full text Add to dashboard Cite

Multiple virtual machines (VMs) are typically co-scheduled on cloud servers. Each VM experiences different latencies when accessing shared resources, based on contention from other VMs. This introduces timing channels between VMs that can be exploited to launch attacks by an untrusted VM. This paper focuses on trying to eliminate the timing channel in the shared memory system. Unlike prior work that implements temporal partitioning, this paper proposes and evaluates bandwidth reservation. We show that while temporal partitioning can degrade performance by 61% in an 8-core platform, bandwidth reservation only degrades performance by under 1% on average.

show abstract

TimeWarp: Rethinking timekeeping and performance monitoring mechanisms to mitigate side-channel attacks

Cited by 75 publications

References 19 publications

Suppressing the Oblivious RAM timing channel while making information leakage and program efficiency trade-offs

Suppressing the Oblivious RAM timing channel while making information leakage and program efficiency trade-offs

Securing the Cloud: Threats, Attacks and Mitigation Techniques

Memory bandwidth reservation in the cloud to avoid information leakage in the memory controller

Contact Info

Product

Resources

About