Journal ArticleDOI
Brutus : Refuting the Security Claims of the Cache Timing Randomization Countermeasure Proposed in CEASER
Reads0
Chats0
TLDR
It is shown that the complexity of a cache timing attack remains unaltered even with the presence of CEASER, and the encryption overheads if CEASer is implemented with a stronger encryption algorithm is compared.Abstract:
Cache timing attacks are a serious threat to the security of computing systems. It permits sensitive information, such as cryptographic keys, to leak across virtual machines and even to remote servers. Encrypted Address Cache, proposed by CEASER – a best paper candidate at MICRO 2018 – is a promising countermeasure that stymies the timing channel by employing cryptography to randomize the cache address space. The author claims strong security guarantees by providing randomization both spatially (randomizing every address) and temporally (changing the encryption key periodically). In this letter, we point out a serious flaw in their encryption approach that undermines the proposed security guarantees. Specifically, we show that the proposed Low-Latency Block Cipher, used for encryption in CEASER , is composed of only linear functions which neutralizes the spatial and temporal randomization. Thus, we show that the complexity of a cache timing attack remains unaltered even with the presence of CEASER . Further, we compare the encryption overheads if CEASER is implemented with a stronger encryption algorithm.read more
Citations
More filters
Proceedings ArticleDOI
Systematic Analysis of Randomization-based Protected Cache Architectures
TL;DR: This paper consolidates existing randomization-based secure caches into a generic cache model, and comprehensively analyze the security of existing designs, including CEASER-S and SCATTERCACHE, by mapping them to instances of this model.
Posted Content
MIRAGE: Mitigating Conflict-Based Cache Attacks with a Practical Fully-Associative Design
TL;DR: Analysis shows Mirage provides the global-eviction property of a fully-associative cache throughout the system lifetime, offering a principled defense against set-conflict based attacks.
Proceedings ArticleDOI
CaSA: End-to-end Quantitative Security Analysis of Randomly Mapped Caches
TL;DR: The result shows that the randomization mechanisms used in the state-of-the-art randomly mapped caches are insecure.
Posted Content
Randomized Last-Level Caches Are Still Vulnerable to Cache Side-Channel Attacks! But We Can Fix It
TL;DR: It is argued that randomized set-associative caches can be sufficiently strengthened and possess a better chance to be actually adopted in commercial processors than their skewed counterparts as they introduce less overhaul to the existing cache structure.
Proceedings ArticleDOI
Randomized Last-Level Caches Are Still Vulnerable to Cache Side-Channel Attacks! But We Can Fix It
TL;DR: In this article, the cache randomization is not a false hope and it is an effective defense that should be widely adopted in future processors and several new defense ideas are proposed in this paper.
References
More filters
Proceedings ArticleDOI
Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds
TL;DR: It is shown that it is possible to map the internal cloud infrastructure, identify where a particular target VM is likely to reside, and then instantiate new VMs until one is placed co-resident with the target, and how such placement can then be used to mount cross-VM side-channel attacks to extract information from a target VM on the same machine.
Journal Article
Data encryption standard
TL;DR: Presentation de la norme americaine de codage des donnees informatisees (DES: Data Encryption Standard) permet de proteger lesDonnees selon des criteres qui sont developpes dans ce texte.
Proceedings ArticleDOI
Last-Level Cache Side-Channel Attacks are Practical
TL;DR: This work presents an effective implementation of the Prime+Probe side-channel attack against the last-level cache of GnuPG, and achieves a high attack resolution without relying on weaknesses in the OS or virtual machine monitor or on sharing memory between attacker and victim.
Proceedings ArticleDOI
Clearing the clouds: a study of emerging scale-out workloads on modern hardware
Michael Ferdman,Almutaz Adileh,Onur Kocberber,Stavros Volos,Mohammad Alisafaee,Djordje Jevdjic,Cansu Kaynak,Adrian Daniel Popescu,Anastasia Ailamaki,Babak Falsafi +9 more
TL;DR: This work identifies the key micro-architectural needs of scale-out workloads, calling for a change in the trajectory of server processors that would lead to improved computational density and power efficiency in data centers.
Proceedings ArticleDOI
Sniper: exploring the level of abstraction for scalable and accurate parallel multi-core simulation
TL;DR: Interval simulation provides a balance between detailed cycle-accurate simulation and one-IPC simulation, allowing long-running simulations to be modeled much faster than with detailed cycle, while still providing the detail necessary to observe core-uncore interactions across the entire system.