Last-Level Cache Side-Channel Attacks are Practical

Liu, Fangfei; Yarom, Yuval; Ge, Qian; Heiser, Gernot; Lee, Ruby B.

doi:10.1109/sp.2015.43

Cited by 806 publications

(747 citation statements)

References 35 publications

Supporting

Mentioning

712

Contrasting

Unclassified

Order By: Relevance

“…Cache attacks were also expanded so as to compromise public key cryptography algorithms like RSA as proposed in [27] and later in [29], demonstrating that such attacks are possible on the full spectrum of popular cryptography algorithms. Attacks became more potent after the proposal of the FLUSH + RELOAD attack, described in [30,31] which exploits the shared memory pages of OS libraries stored in the Last Level Cache (LLC) of any computer and similarly to sophisticated variations of the PRIME+PROBE attack [32] also focused on LLC, became applicable in cross core applications even against VM devices [22,32,33]. Furthermore, variations of the FLASH + RELOAD attack have been proposed for ARM-based systems thus providing strong implications of cache SCA vulnerabilities in ARM embedded systems (including embedded system nodes or Android-based mobile devices systems and ARM TrustZone Enabled processes) [23,34,35].…”

Section: Microarchitectural/cache Attacksmentioning

confidence: 99%

Exploiting Hardware Vulnerabilities to Attack Embedded System Devices: a Survey of Potent Microarchitectural Attacks

2017

View full text Add to dashboard Cite

Cyber-Physical system devices nowadays constitute a mixture of Information Technology (IT) and Operational Technology (OT) systems that are meant to operate harmonically under a security critical framework. As security IT countermeasures are gradually been installed in many embedded system nodes, thus securing them from many well-know cyber attacks there is a lurking danger that is still overlooked. Apart from the software vulnerabilities that typical malicious programs use, there are some very interesting hardware vulnerabilities that can be exploited in order to mount devastating software or hardware attacks (typically undetected by software countermeasures) capable of fully compromising any embedded system device. Real-time microarchitecture attacks such as the cache side-channel attacks are such case but also the newly discovered Rowhammer fault injection attack that can be mounted even remotely to gain full access to a device DRAM (Dynamic Random Access Memory). Under the light of the above dangers that are focused on the device hardware structure, in this paper, an overview of this attack field is provided including attacks, threat directives and countermeasures. The goal of this paper is not to exhaustively overview attacks and countermeasures but rather to survey the various, possible, existing attack directions and highlight the security risks that they can pose to security critical embedded systems as well as indicate their strength on compromising the Quality of Service (QoS) such systems are designed to provide.

show abstract

Section: Microarchitectural/cache Attacksmentioning

confidence: 99%

Exploiting Hardware Vulnerabilities to Attack Embedded System Devices: a Survey of Potent Microarchitectural Attacks

2017

View full text Add to dashboard Cite

show abstract

“…An interesting use case of cache management is in defending shared-cache side channel attacks [19]. We expect that vCAT could be applied here as well, while also providing cache isolation among tasks, a property that cannot be achieved by existing CAT-based solutions such as [18].…”

Section: Related Workmentioning

confidence: 99%

“…We reserved cache partitions 0-7 (CBM bitmask 0×000FF) to CPU1 and partitions 8-15 (CBM bitmask 0×0FF00) to CPU2. We flushed the entire cache initially, and mitigated potential interference to CPU1 and CPU2 by moving all system services to the remaining cores and assigning to them the remaining partitions (partitions [16][17][18][19]. We created a periodic task that sequentially accesses a 4MB array.…”

Section: Cache Lookup Controlmentioning

confidence: 99%

vCAT: Dynamic Cache Management Using CAT Virtualization

Thi²,

Phan

et al. 2017

2017 IEEE Real-Time and Embedded Technology and Applications Symposium (RTAS)

View full text Add to dashboard Cite

This paper presents vCAT, a novel design for dynamic shared cache management on multicore virtualization platforms based on Intel's Cache Allocation Technology (CAT). Our design achieves strong isolation at both task and VM levels through cache partition virtualization, which works in a similar way as memory virtualization, but has challenges that are unique to cache and CAT. To demonstrate the feasibility and benefits of our design, we provide a prototype implementation of vCAT, and we present an extensive set of microbenchmarks and performance evaluation results on the PARSEC benchmarks and synthetic workloads, for both static and dynamic allocations. The evaluation results show that (i) vCAT can be implemented with minimal overhead, (ii) it can be used to mitigate shared cache interference, which could have caused task WCET increased by up to 7.2 x, (iii) static management in vCAT can increase system utilization by up to 7 x compared to a system without cache management; and (iv) dynamic management substantially outperforms static management in terms of schedulable utilization (increase by up to 3 x in our multi-mode example use case). Abstract-This paper presents vCAT, a novel design for dynamic shared cache management on multicore virtualization platforms based on Intel's Cache Allocation Technology (CAT). Our design achieves strong isolation at both task and VM levels through cache partition virtualization, which works in a similar way as memory virtualization, but has challenges that are unique to cache and CAT. To demonstrate the feasibility and benefits of our design, we provide a prototype implementation of vCAT, and we present an extensive set of microbenchmarks and performance evaluation results on the PARSEC benchmarks and synthetic workloads, for both static and dynamic allocations. The evaluation results show that (i) vCAT can be implemented with minimal overhead, (ii) it can be used to mitigate shared cache interference, which could have caused task WCET increased by up to 7.2×, (iii) static management in vCAT can increase system utilization by up to 7× compared to a system without cache management; and (iv) dynamic management substantially outperforms static management in terms of schedulable utilization (increase by up to 3× in our multi-mode example use case). Disciplines Computer Engineering | Computer Sciences

show abstract

“…Previous works have already shown methods to attack computational and storage components by exploring features such as cache miss rates [14] [15] or the time required to perform floating point operations [16].…”

Section: Distributed Timing Attack (Dta)mentioning

confidence: 99%

Gossip NoC -- Avoiding Timing Side-Channel Attacks through Traffic Management

Reinbrecht

Susin

Bossuet³

et al. 2016

2016 IEEE Computer Society Annual Symposium on VLSI (ISVLSI)

View full text Add to dashboard Cite

Abstract-The wide use of Multi-processing systems-on-chip (MPSoCs) in embedded systems and the trend to increase the integration between devices have turned these systems vulnerable to attacks. Malicious software executed on compromised IP may become a serious security problem. By snooping the traffic exchanged through the Network-on-chip (NoC), it is possible to infer sensitive information such as secrets keys. NoCs are vulnerable to side channel attacks that exploit traffic interference as timing channels. When multiple IP cores are infected, they can work coordinately to implement a distributed timing attack (DTA). In this work we present for the first time the execution of a DTA and a secure enhanced NoC architecture able to avoid the timing attacks. Results show that our NoC proposal can avoid the DTA with an increase of only 1% in area and 0.8% in power regarding the whole chip design.

show abstract

Last-Level Cache Side-Channel Attacks are Practical

Cited by 806 publications

References 35 publications

Exploiting Hardware Vulnerabilities to Attack Embedded System Devices: a Survey of Potent Microarchitectural Attacks

Exploiting Hardware Vulnerabilities to Attack Embedded System Devices: a Survey of Potent Microarchitectural Attacks

vCAT: Dynamic Cache Management Using CAT Virtualization

Gossip NoC -- Avoiding Timing Side-Channel Attacks through Traffic Management

Contact Info

Product

Resources

About