Thwarting cache-based side- channel attacks Yuval Yarom The University of Adelaide and Data61.

Slides:



Advertisements
Similar presentations
Linear Obfuscation to Combat Symbolic Execution Zhi Wang 1, Jiang Ming 2, Chunfu Jia 1 and Debin Gao 3 1 Nankai University 2 Pennsylvania State University.
Advertisements

Architecture Support for Security Peter Chapman Michael Maass.
Review CPSC 321 Andreas Klappenecker Announcements Tuesday, November 30, midterm exam.
Full AES key extraction in 65 milliseconds using cache attacks
1  2004 Morgan Kaufmann Publishers Chapter Six. 2  2004 Morgan Kaufmann Publishers Pipelining The laundry analogy.
7/2/ _23 1 Pipelining ECE-445 Computer Organization Dr. Ron Hayne Electrical and Computer Engineering.
DAP Spr.‘98 ©UCB 1 Lecture 11: Memory Hierarchy—Ways to Reduce Misses.
Address Obfuscation: An Efficient Approach to Combat a Broad Range of Memory Error Exploits Sandeep Bhatkar, Daniel C. DuVarney, and R. Sekar Stony Brook.
Secure Embedded Processing through Hardware-assisted Run-time Monitoring Zubin Kumar.
A Novel Cache Architecture with Enhanced Performance and Security Zhenghong Wang and Ruby B. Lee.
IT253: Computer Organization Lecture 4: Instruction Set Architecture Tonga Institute of Higher Education.
How to Build a CPU Cache COMP25212 – Lecture 2. Learning Objectives To understand: –how cache is logically structured –how cache operates CPU reads CPU.
1 Vulnerabilities on high-end processors André Seznec IRISA/INRIA CAPS project-team.
Computer Architecture Lecture 32 Fasih ur Rehman.
Exploiting Cache-Timing in AES: Attacks and Countermeasures Ivo Pooters March 17, 2008 Seminar Information Security Technology.
Cache Attacks and Countermeasures:
Lecture Topics: 11/24 Sharing Pages Demand Paging (and alternative) Page Replacement –optimal algorithm –implementable algorithms.
Operating Systems ECE344 Ashvin Goel ECE University of Toronto Demand Paging.
COMP SYSTEM ARCHITECTURE HOW TO BUILD A CACHE Antoniu Pop COMP25212 – Lecture 2Jan/Feb 2015.
Information Leaks Without Memory Disclosures: Remote Side Channel Attacks on Diversified Code Jeff Seibert, Hamed Okhravi, and Eric Söderström Presented.
DECStation 3100 Block Instruction Data Effective Program Size Miss Rate Miss Rate Miss Rate 1 6.1% 2.1% 5.4% 4 2.0% 1.7% 1.9% 1 1.2% 1.3% 1.2% 4 0.3%
1 Adapted from UC Berkeley CS252 S01 Lecture 18: Reducing Cache Hit Time and Main Memory Design Virtucal Cache, pipelined cache, cache summary, main memory.
A Framework For Trusted Instruction Execution Via Basic Block Signature Verification Milena Milenković, Aleksandar Milenković, and Emil Jovanov Electrical.
Microarchitectural Side-Channel Attacks Part 2 Yuval Yarom The University of Adelaide and Data61 1.
Microarchitectural Side-Channel Attacks Yuval Yarom The University of Adelaide and Data61 1.
Translation Lookaside Buffer
CS 352H: Computer Systems Architecture
X. Zhang, Y. Xiao, Y. Zhang Return-Oriented Flush-Reload Side Channels on ARM and Their Implications for Android Devices Xiaokuan Zhang, Yuan Xiao, Yinqian.
Memory Hierarchy Ideal memory is fast, large, and inexpensive
Non Contiguous Memory Allocation
Memory COMPUTER ARCHITECTURE
X. Zhang, Y. Xiao, Y. Zhang Return-Oriented Flush-Reload Side Channels on ARM and Their Implications for Android Devices Xiaokuan Zhang, Yuan Xiao, Yinqian.
Section 9: Virtual Memory (VM)
Multiscalar Processors
New Cache Designs for Thwarting Cache-based Side Channel Attacks
Multilevel Memories (Improving performance using alittle “cash”)
Information Security – Theory vs
5.2 Eleven Advanced Optimizations of Cache Performance
Mengjia Yan, Yasser Shalabi, Josep Torrellas
Cache Memory Presentation I
Lecture: Large Caches, Virtual Memory
RIC: Relaxed Inclusion Caches for Mitigating LLC Side-Channel Attacks
Bruhadeshwar Meltdown Bruhadeshwar
Lecture 23: Cache, Memory, Security
Cache memory Direct Cache Memory Associate Cache Memory
RANDOM FILL CACHE ARCHITECTURE
Continuous, Low Overhead, Run-Time Validation of Program Executions
Virtual Memory 3 Hakim Weatherspoon CS 3410, Spring 2011
CSCI1600: Embedded and Real Time Software
Lecture 14 Virtual Memory and the Alpha Memory Hierarchy
Secure Processing On-Chip
Module IV Memory Organization.
AdaCore Technologies for Cyber Security
ConfMVM: A Hardware-Assisted Model to Confine Malicious VMs
Lecture: Cache Innovations, Virtual Memory
Translation Lookaside Buffer
Memory Organization.
Miss Rate versus Block Size
Lecture: Cache Hierarchies
CSC3050 – Computer Architecture
CSE 471 Autumn 1998 Virtual memory
CS703 - Advanced Operating Systems
rePLay: A Hardware Framework for Dynamic Optimization
Synonyms v.p. x, process A v.p # index Map to same physical page
CSCI1600: Embedded and Real Time Software
University of Illinois at Urbana-Champaign
MicroScope: Enabling Microarchitectural Replay Attacks
Meltdown & Spectre Attacks
ARM920T Processor This training module provides an introduction to the ARM920T processor embedded in the AT91RM9200 microcontroller.We’ll identify the.
Presentation transcript:

Thwarting cache-based side- channel attacks Yuval Yarom The University of Adelaide and Data61

“The binary search needs to be done in constant time to avoid timing issue. But it's fast, so there's no problem.” An anonymous reviewer, AsiaCrypt 2016

Outline Introduction to cache attacks Constant-time programming Testing for constant-time

Microarchitecture The Microachitecture ISA Data Cache Instruction Cache Pipeline BPU TLB MMU DRAM Interconnect LLC

Microarchitectural attacks Force contention on microarchitectural components ⋯ Creating timing variations ⋯ That are used to expose an intarnal state ⋯ Which depends on secret data ⋯ Allowing the attacker to infer said data 5

Cache Structure Stores fixed-size lines Arranged as multiple sets, each consisting of multiple ways. Each memory line maps to a single cache set – Can be cached in any of the ways in the set Memory Cache Sets Ways 6

The Prime+Probe attack Choose a cache-sized memory buffer Access all the lines in the buffer, filling the cache Victim executes, evicting some of the buffer lines from the cache Measure the time to access the buffer – Accesses to cached lines is faster than to evicted lines Memory Cache 7 C. Percival, "Cache Missing for Fun and Profit", BSDCan, 2005 D. A. Osvik, A. Shamir and E. Tromer, "Cache Attacks and Countermeasures: The Case of AES", CT-RSA 2006

Prime+Probe attack on GnuPG Square Multiply

The Bernstein attack AES tables stored in memory – Table access patterns depend on both the key and the plaintext/ciphertext – Access time depends on the pattern of previous accesses Attack: – Create timing profiles for each key byte – Measure timing – Match with profile 9 Timing Profile for byte 15 [Ber05] D. J. Bernstein, "Cache-timing attacks on AES", 2005

F LUSH +R ELOAD F LUSH memory line Wait a bit Measure time to R ELOAD line – slow-> no access – fast-> access Repeat Processor Memory Cache 10 D. Gullasch, E. Bangerter and S. Krenn, “Cache Games - Bringing Access-Based Cache Attacks on AES to Practice”, IEEE S&P 2011 Y. Yarom and K. Falkner, “Flush+Reload: a High Resolution, Low Noise, L3 Cache Side-Channel Attack”, USENIX Security 2014

F LUSH +R ELOAD on GnuPG

Why focus on crypto? Because that’s where the keys are Small code base with fairly regular operation – Narrow semantic gap between the code and the leak

Mitigation Strategies System – Avoid/reduce sharing – Insert noise (e.g. noisy timers, random caches) Software – Inject noise (e.g. blinding) – Constant-time programming

Constant-time programming Execution time does not depend on any secret data Three rules: – No instructions with data-dependent execution time – No secret-dependent flow control – No secret-dependent memory access

Constant-time programming in practice

Fix attempt #1

Fix attempt #2

Fix attempt #3

Checking for constant-time Manual testing is not easy and is error-prone.

Dynamic Analysis ctgrind – A patch against valgrind memcheck – Dynamically taints secret-dependent data – Warns on secret-dependent branches and memory access Dynamic analysis can miss code paths A. G. Langley, ctgrind

Source Analysis FlowTracker – Uses information flow analysis to identify non- constant-time-accesses Potential mismatch between code and binary B. Rodrigues, F. M. Q. Pereira, D. F. Aranha, “Sparse Representation of Implicit Flows with Applications to Side-Channel Detection”, CC 2016

Binary Analysis CacheAudit – Analyses the amount of leakage from a binary given a cache model The analysis may miss some important cache configurations Not all of the microarchitecture is modeled – Cache banks? Branch Prediction? Cache slices? May accept implementations that are not constant-time G. Doychev, B.Köpf, L.Mauborgne and J.Reineke, “CacheAudit: A Tool for the Static Analysis ofCache Side Channels”, TISSEC 18(1) 2005 G. Doychev and B. Köpf, “Rigorous Analysis of Software Countermeasures against Cache Attacks”, aarXiv , 2016

What about instructions with data- dependent time? ISA Data Cache Instruction Cache Pipeline BPU TLB MMU DRAM Interconnect LLC

What about instructions with data- dependent time? We rely on partial and misleading documentation What if? – A vendor decide to shortcut additions or multiplications of known zeros? – Writes that do not modify the value do not result in a dirty cache line? We need guarantees on CPU behaviour – See

Summary Microarchitectural attacks are a threat to the security of cryptographic implementations Constant time programming is our current best defence But we still need: – Improved proofs of correctness – Better tests for constant-time – Vendor guarantees on the hardware

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.