cache storage channels alias driven attacks formally
play

Cache Storage Channels Alias-driven Attacks Formally Verified - PowerPoint PPT Presentation

Feb 20, 2024 •35 likes •675 views

Roberto Guanciale Mads Dam Hamed Nemati Christoph Baumann Cache Storage Channels Alias-driven Attacks Formally Verified Platforms Formally Verified Platforms Caches Excluded Formally Verified from the analysis Platforms Caches Excluded

  1. Roberto Guanciale Mads Dam Hamed Nemati Christoph Baumann Cache Storage Channels Alias-driven Attacks

  2. Formally Verified Platforms

  3. Formally Verified Platforms

  4. Caches Excluded Formally Verified from the analysis Platforms

  5. Caches Excluded Formally Verified from the analysis Platforms

  6. Caches Excluded Formally Verified from the analysis Platforms

  7. Caches Excluded Formally Verified from the analysis Platforms

  8. Caches Excluded Formally Verified from the analysis Platforms Models should be Sound

  9. Caches Excluded Formally Verified from the analysis Platforms Models should be Sound Storage Channels can invalidate results

  10. Cacheable (std-memory) Virtual MMU Address Non-cacheable (devices) Page T ables Incoherent Cache Behaviors

  11. Mismatched cacheability attributes

  12. Mismatched cacheability attributes do not do this

  13. Mismatched cacheability attributes Please, do not do this

  14. Mismatched cacheability attributes Please, do not do this Incoherent Cache Behaviors

  15. Mismatched cacheability attributes Please, do not do this Incoherent Cache Behaviors ARM-terminology: unexpected cache hit if the data cache reports a hit on a memory location that is marked as non- cacheable, the cache might access the memory disregarding such hit.

  16. OS OS Hypervisor Scenarios

  17. ARM OS OS OS TrustZone Service Hypervisor Scenarios

  18. ARM OS OS OS TrustZone Service Hypervisor Device User Driver Process Scenarios Kernel

  19. Attacker w r i t e ( V A _ n c , 0 ) … memory w r i t e ( V A _ n c , 1 ) VA_nc f r e e ( V A _ n c ) Victim PA cache D = a c c e s s ( V A _ c ) line dirty VA_c … D = a c c e s s ( V A _ c ) i f n o t p o l i c y ( D ) R e j e c t ( ) … u s e ( V A _ c )

  20. Attacker w r i t e ( V A _ n c , 0 ) … memory w r i t e ( V A _ n c , 1 ) VA_nc f r e e ( V A _ n c ) Victim PA cache D = a c c e s s ( V A _ c ) line dirty VA_c … D = a c c e s s ( V A _ c ) i f n o t p o l i c y ( D ) R e j e c t ( ) … u s e ( V A _ c )

  21. Attacker w r i t e ( V A _ n c , 0 ) … memory w r i t e ( V A _ n c , 1 ) VA_nc f r e e ( V A _ n c ) Victim PA cache D = a c c e s s ( V A _ c ) line dirty VA_c … D = a c c e s s ( V A _ c ) i f n o t p o l i c y ( D ) R e j e c t ( ) … u s e ( V A _ c )

  22. Attacker w r i t e ( V A _ n c , 0 ) … memory w r i t e ( V A _ n c , 1 ) VA_nc 0 f r e e ( V A _ n c ) Victim PA cache D = a c c e s s ( V A _ c ) line dirty VA_c … D = a c c e s s ( V A _ c ) i f n o t p o l i c y ( D ) R e j e c t ( ) … u s e ( V A _ c )

  23. Attacker w r i t e ( V A _ n c , 0 ) … memory w r i t e ( V A _ n c , 1 ) VA_nc 0 f r e e ( V A _ n c ) Victim PA cache D = a c c e s s ( V A _ c ) line dirty VA_c … D = a c c e s s ( V A _ c ) i f n o t p o l i c y ( D ) R e j e c t ( ) … u s e ( V A _ c )

  24. Attacker w r i t e ( V A _ n c , 0 ) … memory w r i t e ( V A _ n c , 1 ) VA_nc 0 f r e e ( V A _ n c ) Victim PA cache D = a c c e s s ( V A _ c ) line dirty VA_c … D = a c c e s s ( V A _ c ) i f n o t p o l i c y ( D ) R e j e c t ( ) … u s e ( V A _ c )

  25. Attacker w r i t e ( V A _ n c , 0 ) … memory w r i t e ( V A _ n c , 1 ) VA_nc 0 f r e e ( V A _ n c ) Victim PA cache D = a c c e s s ( V A _ c ) line dirty VA_c … D = a c c e s s ( V A _ c ) i f n o t p o l i c y ( D ) R e j e c t ( ) … u s e ( V A _ c )

  26. Attacker w r i t e ( V A _ n c , 0 ) … memory w r i t e ( V A _ n c , 1 ) VA_nc 0 f r e e ( V A _ n c ) Victim PA cache D = a c c e s s ( V A _ c ) line dirty VA_c … 0 F D = a c c e s s ( V A _ c ) i f n o t p o l i c y ( D ) R e j e c t ( ) … u s e ( V A _ c )

  27. Attacker w r i t e ( V A _ n c , 0 ) … memory w r i t e ( V A _ n c , 1 ) VA_nc 0 f r e e ( V A _ n c ) Victim PA cache D = a c c e s s ( V A _ c ) line dirty VA_c … 0 F D = a c c e s s ( V A _ c ) i f n o t p o l i c y ( D ) R e j e c t ( ) … u s e ( V A _ c )

  28. Attacker w r i t e ( V A _ n c , 0 ) … memory w r i t e ( V A _ n c , 1 ) VA_nc 1 f r e e ( V A _ n c ) Victim PA cache D = a c c e s s ( V A _ c ) line dirty VA_c … 0 F D = a c c e s s ( V A _ c ) i f n o t p o l i c y ( D ) R e j e c t ( ) … u s e ( V A _ c )

  29. Attacker w r i t e ( V A _ n c , 0 ) … memory w r i t e ( V A _ n c , 1 ) VA_nc 1 f r e e ( V A _ n c ) Victim PA cache D = a c c e s s ( V A _ c ) line dirty VA_c … 0 F D = a c c e s s ( V A _ c ) i f n o t p o l i c y ( D ) R e j e c t ( ) … u s e ( V A _ c )

  30. Attacker w r i t e ( V A _ n c , 0 ) … memory w r i t e ( V A _ n c , 1 ) VA_nc 1 f r e e ( V A _ n c ) Victim PA cache D = a c c e s s ( V A _ c ) line dirty VA_c … 0 F D = a c c e s s ( V A _ c ) i f n o t p o l i c y ( D ) R e j e c t ( ) … u s e ( V A _ c )

  31. Attacker w r i t e ( V A _ n c , 0 ) … memory w r i t e ( V A _ n c , 1 ) VA_nc 1 f r e e ( V A _ n c ) Victim PA cache D = a c c e s s ( V A _ c ) line dirty VA_c … 0 F D = a c c e s s ( V A _ c ) i f n o t p o l i c y ( D ) R e j e c t ( ) … u s e ( V A _ c )

  32. Attacker w r i t e ( V A _ n c , 0 ) … memory w r i t e ( V A _ n c , 1 ) VA_nc 1 f r e e ( V A _ n c ) Victim PA cache D = a c c e s s ( V A _ c ) line dirty VA_c … 0 F D = a c c e s s ( V A _ c ) i f n o t p o l i c y ( D ) R e j e c t ( ) … u s e ( V A _ c )

  33. Attacker w r i t e ( V A _ n c , 0 ) … memory w r i t e ( V A _ n c , 1 ) VA_nc 1 f r e e ( V A _ n c ) Victim PA cache D = a c c e s s ( V A _ c ) line dirty VA_c … 0 F D = a c c e s s ( V A _ c ) i f n o t p o l i c y ( D ) R e j e c t ( ) … u s e ( V A _ c )

  34. Attacker w r i t e ( V A _ n c , 0 ) … memory w r i t e ( V A _ n c , 1 ) VA_nc 1 f r e e ( V A _ n c ) Victim PA cache D = a c c e s s ( V A _ c ) line dirty VA_c … 0 F D = a c c e s s ( V A _ c ) i f n o t p o l i c y ( D ) R e j e c t ( ) … u s e ( V A _ c )

  35. Attacker w r i t e ( V A _ n c , 0 ) … memory w r i t e ( V A _ n c , 1 ) VA_nc 1 f r e e ( V A _ n c ) Victim PA cache D = a c c e s s ( V A _ c ) line dirty VA_c … 0 F D = a c c e s s ( V A _ c ) i f n o t p o l i c y ( D ) R e j e c t ( ) … u s e ( V A _ c )

  36. Attacker w r i t e ( V A _ n c , 0 ) … memory w r i t e ( V A _ n c , 1 ) VA_nc 1 f r e e ( V A _ n c ) Victim PA cache D = a c c e s s ( V A _ c ) line dirty VA_c … 0 F D = a c c e s s ( V A _ c ) i f n o t p o l i c y ( D ) R e j e c t ( ) … u s e ( V A _ c )

  37. Attacker w r i t e ( V A _ n c , 0 ) … memory w r i t e ( V A _ n c , 1 ) VA_nc 1 f r e e ( V A _ n c ) Victim PA cache D = a c c e s s ( V A _ c ) line dirty VA_c … 0 F D = a c c e s s ( V A _ c ) i f n o t p o l i c y ( D ) R e j e c t ( ) … D = = 0 u s e ( V A _ c )

  38. Attacker w r i t e ( V A _ n c , 0 ) … memory w r i t e ( V A _ n c , 1 ) VA_nc 1 f r e e ( V A _ n c ) Victim PA cache D = a c c e s s ( V A _ c ) line dirty VA_c … 0 F D = a c c e s s ( V A _ c ) i f n o t p o l i c y ( D ) R e j e c t ( ) … D = = 0 u s e ( V A _ c )

  39. Attacker w r i t e ( V A _ n c , 0 ) … memory w r i t e ( V A _ n c , 1 ) VA_nc 1 f r e e ( V A _ n c ) Victim PA cache D = a c c e s s ( V A _ c ) line dirty VA_c … 0 F D = a c c e s s ( V A _ c ) i f n o t p o l i c y ( D ) R e j e c t ( ) … e v i c t i o n u s e ( V A _ c )

Recommend

Cache attacks: From side channels to fault attacks Clmentine Maurice CNRS, Rennes, France

Cache attacks: From side channels to fault attacks Clmentine Maurice CNRS, Rennes, France

Cache attacks: From side channels to fault attacks Clmentine Maurice CNRS, Rennes, France November 16, 2017 Cryptacus Workshop, Nijmegen, Netherlands the attacker only needs unprivileged execution on the victims machine

1.99k views • 164 slides
An Analytical Model for Tim e-Driven Cache Attacks Kris Tiri Onur Ac imez Michael Neve

An Analytical Model for Tim e-Driven Cache Attacks Kris Tiri Onur Ac imez Michael Neve

An Analytical Model for Tim e-Driven Cache Attacks Kris Tiri Onur Ac imez Michael Neve Flemming Andersen Outline Motivation Cache attacks: origins, time-driven attack Strength of an implementation Analytical model of

685 views • 19 slides
Dealing with cache based attacks in cryptography Speculating on cache attacks Simo Sorce Sr.

Dealing with cache based attacks in cryptography Speculating on cache attacks Simo Sorce Sr.

Dealing with cache based attacks in cryptography Speculating on cache attacks Simo Sorce Sr. Principal Software Engineer 2019/02/19 What are cache based attacks ? In cryptography In cryptographic operations, leaking the internal state of a

338 views • 8 slides
CDAC: Content-Driven Deduplication-Aware Storage Cache Yujuan Tan , Jing Xie, Congcong Xu, Zhichao

CDAC: Content-Driven Deduplication-Aware Storage Cache Yujuan Tan , Jing Xie, Congcong Xu, Zhichao

CDAC: Content-Driven Deduplication-Aware Storage Cache Yujuan Tan , Jing Xie, Congcong Xu, Zhichao Yan, Hong Jiang, Yajun Zhao, Min Fu, Xianzhang Chen, Duo Liu, Wen Xia Outline Introduction and Motivation Design of CDAC Performance

863 views • 42 slides
1 What Can Alias? (cont) Alias Analysis Arrays Goal: Statically identify aliases do b[c[i 1 ]]

1 What Can Alias? (cont) Alias Analysis Arrays Goal: Statically identify aliases do b[c[i 1 ]]

Alias Analysis Aliasing Last time What is aliasing? Midterm When two expressions denote the same mutable memory location e.g., p = new Object; Today q = p; * p and * q alias Alias analysis (pointer analysis) How do aliases

162 views • 5 slides
S CATTER C ACHE : Thwarting Cache Attacks via Cache Set Randomization Werner, Unterluggauer,

S CATTER C ACHE : Thwarting Cache Attacks via Cache Set Randomization Werner, Unterluggauer,

S CATTER C ACHE : Thwarting Cache Attacks via Cache Set Randomization Werner, Unterluggauer, Giner, Schwarz, Gruss, Mangard August 15, 2019 Graz University of Technology What is S CATTER C ACHE ? www.tugraz.at Alternative design for n-way

460 views • 27 slides
DNS Cache Poisoning Attack Relo loaded: Revolutions wit ith Sid ide Channels Keyu Man, Zhiyun

DNS Cache Poisoning Attack Relo loaded: Revolutions wit ith Sid ide Channels Keyu Man, Zhiyun

DNS Cache Poisoning Attack Relo loaded: Revolutions wit ith Sid ide Channels Keyu Man, Zhiyun Qian, Zhongjie Wang, Xiaofeng Zheng, Youjun Huang, Haixin Duan Contents Background DNS Cache Poisoning Part I: Infer

934 views • 23 slides
Replacement with Utility-Driven Adaptation Cong Li, Intel Corporation 12 th ACM International

Replacement with Utility-Driven Adaptation Cong Li, Intel Corporation 12 th ACM International

CLOCK-Pro+: Improving CLOCK-Pro Cache Replacement with Utility-Driven Adaptation Cong Li, Intel Corporation 12 th ACM International Systems & Storage Conference (SYSTOR 2019) Outline Introduction: Cache & Page Replacement

1.34k views • 35 slides
NetCAT : Practical Cache Attacks from the Network Michael Kurth , Ben Gras, Dennis Andriesse,

NetCAT : Practical Cache Attacks from the Network Michael Kurth , Ben Gras, Dennis Andriesse,

NetCAT : Practical Cache Attacks from the Network Michael Kurth , Ben Gras, Dennis Andriesse, Cristiano Giuffrida, Herbert Bos, Kaveh Razavi Cache Attack from the Network Client Server Remote Cache Attack SSH 2 Network Cache Attack 3

794 views • 32 slides
Abusing hardware for fun and profit Agenda Cache-based Covert channels w/ demo Spectre

Abusing hardware for fun and profit Agenda Cache-based Covert channels w/ demo Spectre

Abusing hardware for fun and profit Agenda Cache-based Covert channels w/ demo Spectre and Meltdown from covert channels Process isola8on + OS (CS 423) OS paging OS services 0x00000000 Communica<on to other processes

568 views • 15 slides
Playing with Maya thru MEL/ API Min Gyu Choi Kwangwoon University Alias Maya Alias|Wavefront

Playing with Maya thru MEL/ API Min Gyu Choi Kwangwoon University Alias Maya Alias|Wavefront

Playing with Maya thru MEL/ API Min Gyu Choi Kwangwoon University Alias Maya Alias|Wavefront Maya is one of the greatest and most complex computer programs ever made. Alias Maya Alias Maya Maya has many features as default. Maya

898 views • 65 slides
1 Classifying cache misses Cache Organization Classifying misses by causes (3Cs) Cache size,

1 Classifying cache misses Cache Organization Classifying misses by causes (3Cs) Cache size,

Cache Performance Metrics Cache miss rate: number of cache misses divided by number of accesses Lecture 14: Hardware Approaches for Cache Optimizations Cache hit time: the time between sending address and data returning from cache Cache

608 views • 4 slides
I Know Where Youve Been: ! Geo-Inference Attacks via the Browser Cache ! Yaoqi Jia Yaoqi Jia

I Know Where Youve Been: ! Geo-Inference Attacks via the Browser Cache ! Yaoqi Jia Yaoqi Jia

I Know Where Youve Been: ! Geo-Inference Attacks via the Browser Cache ! Yaoqi Jia Yaoqi Jia , Xinshu Dong , Zhenkai Liang , Prateek Saxena ! School of Computing, National University of Singapore ! Advanced Digital

496 views • 28 slides
DNSSEC aggressive cache (RFC 8198) Protection from random subdomain attacks Petr paek

DNSSEC aggressive cache (RFC 8198) Protection from random subdomain attacks Petr paek

DNSSEC aggressive cache (RFC 8198) Protection from random subdomain attacks Petr paek petr.spacek@nic.cz 2018-05-16 Talk outline Aggressive cache theory expectations efficiency Normal traffic measurements

823 views • 30 slides
Cache-Timing Attacks Matteo BOCCHI System Research & Applications STMicroelectronics S.r.l.

Cache-Timing Attacks Matteo BOCCHI System Research & Applications STMicroelectronics S.r.l.

Cache-Timing Attacks Matteo BOCCHI System Research & Applications STMicroelectronics S.r.l. 2018/12/06 Agenda 2 STM32 Nucleo Boards STM32 Firewall Cache-Timing Attack Evict&Time vs. MbedTLS AES on STM32

477 views • 20 slides
The 9 Lives of Bleichenbacher's CAT: New Cache ATtacks on TLS Implementations Eyal Ronen , Robert

The 9 Lives of Bleichenbacher's CAT: New Cache ATtacks on TLS Implementations Eyal Ronen , Robert

The 9 Lives of Bleichenbacher's CAT: New Cache ATtacks on TLS Implementations Eyal Ronen , Robert Gillham, Daniel Genkin, Adi Shamir, David Wong and Yuval Yarom Transport Layer Security (TLS) The most widely used cryptographic protocol

1.36k views • 120 slides
Web Cache Consistency Web Cache Consistency Web Cache Consistency Web Cache Consistency

Web Cache Consistency Web Cache Consistency Web Cache Consistency Web Cache Consistency

Web Cache Consistency Web Cache Consistency Web Cache Consistency Web Cache Consistency Requirements of performance, availability, and disconnected operation require us to relax the goal of semantic transparency. - HTTP 1.1 specification

599 views • 13 slides
CACHE-TIMING ATTACKS ON RSA KEY GENERATION Conference on Cryptographic Hardware and Embedded

CACHE-TIMING ATTACKS ON RSA KEY GENERATION Conference on Cryptographic Hardware and Embedded

CACHE-TIMING ATTACKS ON RSA KEY GENERATION Conference on Cryptographic Hardware and Embedded Systems (CHES) 2019 Alejandro Cabrera Aldaya 1 , Cesar Pereida Garca 2 , Luis Manuel Alvarez Tapia 1 , Billy Bob Brumley 2 , {aldaya,

373 views • 21 slides
CAPnet: A Defense Against Cache Accounting Attacks on Content Distribution Networks Ghada

CAPnet: A Defense Against Cache Accounting Attacks on Content Distribution Networks Ghada

CAPnet: A Defense Against Cache Accounting Attacks on Content Distribution Networks Ghada Almashaqbeh 1 , Kevin Kelley 2 , Allison Bishop 1,3 , Justin Cappos 4 1 Columbia, 2 CacheCash, 3 Proof Trading, 4 NYU IEEE CNS 2019, DC, USA Outline

226 views • 19 slides
Alias Analysis Last time Alias analysis I (pointer analysis) Address Taken FIAlias,

Alias Analysis Last time Alias analysis I (pointer analysis) Address Taken FIAlias,

Alias Analysis Last time Alias analysis I (pointer analysis) Address Taken FIAlias, which is equivalent to Steensgaard Today Alias analysis II (pointer analysis) Anderson Emami Next time Midterm review CS553

207 views • 8 slides
System-Level Protection Against Cache-Based Side Channel Attacks in the Cloud Taesoo Kim, Marcus

System-Level Protection Against Cache-Based Side Channel Attacks in the Cloud Taesoo Kim, Marcus

System-Level Protection Against Cache-Based Side Channel Attacks in the Cloud Taesoo Kim, Marcus Peinado, Gloria Mainar-Ruiz MIT CSAIL Microsoft Research Security is a big concern in cloud adoption Why are cache-based side channel

588 views • 38 slides
Cache-timing attacks http://cr.yp.to/papers.html #cachetiming , 2005: D. J. Bernstein This

Cache-timing attacks http://cr.yp.to/papers.html #cachetiming , 2005: D. J. Bernstein This

Cache-timing attacks http://cr.yp.to/papers.html #cachetiming , 2005: D. J. Bernstein This paper reports successful Thanks to: extraction of a complete AES key University of Illinois at Chicago from a network server NSF CCR9983950 on

1.28k views • 91 slides
Alias Analysis Last time Interprocedural analysis Today Intro to alias analysis (pointer

Alias Analysis Last time Interprocedural analysis Today Intro to alias analysis (pointer

Alias Analysis Last time Interprocedural analysis Today Intro to alias analysis (pointer analysis) CS553 Lecture Alias Analysis I 1 Aliasing What is aliasing? When two expressions denote the same mutable memory location e.g.,

812 views • 19 slides
CaSym: Cache Aware Symbolic Execution for Side Channel Detection and Mitigation Robert

CaSym: Cache Aware Symbolic Execution for Side Channel Detection and Mitigation Robert

CaSym: Cache Aware Symbolic Execution for Side Channel Detection and Mitigation Robert Brotzman, Shen Liu, Danfeng Zhang, Gang Tan, Mahmut Kandemir Pennsylvania State University Cache Side Channels Process Data CPU Cache Program Side

390 views • 20 slides

More recommend