Princeton University

School of Engineering & Applied Science

Cache Side Channel Attacks and Secure Cache Architectures

Fangfei Liu
Engineering Quadrangle B327
Wednesday, August 17, 2016 - 2:00pm to 3:30pm

With the number of cyber attacks escalating, it is crucial to protect the confidentiality and integrity of data and programs in our networked computer systems. Although strong cryptography can be used to encrypt and authenticate data, it is rendered useless if the secret keys can be leaked out. It turns out that this can be done easily through cache side channel attacks. CPU caches are small and fast memories placed between the fast processors and the slow main memory, to reduce the effective memory access latency. Today, all processors with caches are susceptible to cache side channel attacks — this enables attackers to compromise all computers from smartphones to cloud computers.
The goal of this dissertation is to design secure caches with built-in resistance to cache side channel attacks. The first part of the dissertation focuses on designing secure level-1 (L1) caches using a moving target defense strategy. L1 cache is closest to the processor in the cache hierarchy and most latency-critical. Our secure caches can defeat all the cache side channel attacks by randomizing where data is located in the cache (called Newcache), and by randomizing when data is fetched into the cache (called random fill cache), without compromising performance.
We further study attacks and defenses on the last-level caches (LLC). In cloud computing, LLC attacks may be more pertinent to the virtual machine co-residency threats, since the LLC is shared by all the cores in a processor package, while the L1 and L2 caches are typically core-private. The dissertation demonstrates the first practical LLC attacks that can leak a cryptographic key used in a co-resident virtual machine. To defeat these LLC attacks, we propose a system solution called CATalyst, which leverages a performance-enhancing feature newly introduced in Intel processors which we use for security enhancement instead. CATalyst can provide a strong security guarantee with negligible performance degradation.