Random Fill Cache Architecture (Preprint)

Liu, Fangfei; Lee, Ruby B.

Random Fill Cache Architecture (Preprint)

Active / Technical Report | Accession Number: ADA620399 |

Open PDF

Abstract:

Correctly functioning caches have been shown to leak critical secrets like encryption keys, through various types of cache side-channel attacks. This nullifies the security provided by strong encryption and allows confidentiality breaches, impersonation attacks and fake services. Hence, future cache designs must consider security, ideally without degrading performance and power efficiency. We introduce a new classification of cache side channel attacks contention based attacks and reuse based attacks. Previous secure cache designs target only contention based attacks, and we show that they cannot defend against reuse based attacks. We show the surprising insight that the fundamental demand fetch policy of a cache is a security vulnerability that causes the success of reuse based attacks. We propose a novel random fill cache architecture that replaces demand fetch with random cache fill within a configurable neighborhood window. We show that our random fill cache does not degrade performance, and in fact, improves the performance for some types of applications. We also show that it provides information-theoretic security against reuse based attacks.

Author(s):

Liu, Fangfei ; Lee, Ruby B.

Author Organization(s):

PRINCETON UNIV NJ DEPT OF ELECTRICAL ENGINEERING

Descriptive Note:

Conference paper

Supplementary Note:

Presented at the IEEE/ACM International Symposium on Microarchitecture (MICRO). Cambridge, UK, on 13-17 Dec 2014 and published in proceedings of the same.

Pagination:

0014

Security Markings

DOCUMENT & CONTEXTUAL SUMMARY

Distribution:

Approved For Public Release

Distribution Statement:

Approved For Public Release; Distribution Is Unlimited.

RECORD

Collection: TR

Identifying Numbers

Report Number(s):

AFRL-RI-RS-TP-2014-051

Contract/Grant Number(s):

FA8750-12-2-0295

Task Number(s):

PR

Project Number(s):

DHS2

Monitor Series:

TP-2014-051, AFRL-RI-RS

Subject Terms

Joint Capability Areas:

JCA_4.2.2_Inventory Management; JCA_4.2_Supply; JCA_5_Command and Control; JCA_5.3_Planning; JCA_1.3.2_Personnel Management; JCA_1.2.5_Lessons Learned

Modernization Areas:

Cyber

Communities of Interest:

Materials and Manufacturing Processes

Descriptor(s):

*COMPUTER ARCHITECTURE, COMPUTER SECURITY

Field(s)/Group(s):

Computer Programming and Software, Computer Hardware, Computer Systems Management and Standards

Keyword(s):

SIDE CHANNEL ATTACKS, CACHE COLLISION ATTACKS, SECURE CACHES, WUAFRLDHS2PRIN

Report Date:

2014 Oct 01

Creation Date:

2015 Sep 02