s catter c ache thwarting cache attacks via cache set
play

S CATTER C ACHE : Thwarting Cache Attacks via Cache Set - PowerPoint PPT Presentation

Nov 18, 2022 •185 likes •460 views

S CATTER C ACHE : Thwarting Cache Attacks via Cache Set Randomization Werner, Unterluggauer, Giner, Schwarz, Gruss, Mangard August 15, 2019 Graz University of Technology What is S CATTER C ACHE ? www.tugraz.at Alternative design for n-way

  1. S CATTER C ACHE : Thwarting Cache Attacks via Cache Set Randomization Werner, Unterluggauer, Giner, Schwarz, Gruss, Mangard August 15, 2019 Graz University of Technology

  2. What is S CATTER C ACHE ? www.tugraz.at • Alternative design for n-way set associative caches • Designed as countermeasures against cache attacks • Breaks the fixed link between addresses and cache sets • Increases the number of possible cache sets • IDs to change the mapping between security domains → Exploitation of side channel information is much harder • Reuses established concepts • Skewed caches [Sez93] • Low latency cryptography (e.g., QARMA-64 [Ava17]) • Still similar to existing cache designs (usability, hardware) Werner, Unterluggauer, Giner, Schwarz, Gruss, Mangard — Graz University of Technology 1

  3. Motivation and Background

  4. CPU Cache www.tugraz.at DRAM access, slow s s s s s s s s i i i i m m m m t t t s s s e e e e e e e u u u q q q h h h h c c c c e e e R R R a a a a C C C C printf("%d", i); printf("%d", i); printf("%d", i); printf("%d", i); printf("%d", i); Response Response Response i i i printf("%d", i); printf("%d", i); printf("%d", i); printf("%d", i); printf("%d", i); t t i i h h e e h h c c a a C C No DRAM access, much faster Werner, Unterluggauer, Giner, Schwarz, Gruss, Mangard — Graz University of Technology 2

  5. Memory Access Latency www.tugraz.at Cache Hits Cache Misses · 10 6 3 Number of Accesses 2 1 0 50 100 150 200 250 300 350 400 Latency [Cycles] generated using the CTA calibration tool [GSM15] on my i5-4200U laptop Werner, Unterluggauer, Giner, Schwarz, Gruss, Mangard — Graz University of Technology 3

  6. Regular 2-way Set Associative Cache www.tugraz.at Memory Address Cache Way 1 Tag Way 1 Data n bits b bits Tag Data Way 2 Tag Way 2 Data 2 n cache sets f Cache Index =? Tag =? Data Werner, Unterluggauer, Giner, Schwarz, Gruss, Mangard — Graz University of Technology 4

  7. Prime+Probe www.tugraz.at Attacker Victim Cache Address Space Address Space loads data fast access slow access loads data Werner, Unterluggauer, Giner, Schwarz, Gruss, Mangard — Graz University of Technology 5

  8. Why should we care? www.tugraz.at • Cache attacks are powerful and break isolation boundaries • Many attacking techniques • F LUSH +R ELOAD , E VICT +R ELOAD , F LUSH +F LUSH • P RIME +P ROBE , E VICT +T IME • Numerous attack scenarios • Extracting cryptographic keys • Keyloggers • Breaking of ASLR • Collection of private information • Often used building block for further microarchitectural attacks Werner, Unterluggauer, Giner, Schwarz, Gruss, Mangard — Graz University of Technology 6

  9. S CATTER C ACHE

  10. S CATTER C ACHE - Idea www.tugraz.at Set 0 Set 1 Set 2 Set 3 Addr. A Addr. B @DAC [Tri+18], @MICRO [Qur18] Addr. A Domain X Addr. A Domain Y Addr. B Werner, Unterluggauer, Giner, Schwarz, Gruss, Mangard — Graz University of Technology 7

  11. How can we build such a S CATTER C ACHE ?

  12. S CATTER C ACHE - Naive Concept www.tugraz.at • Index Derivation Function (IDF) SDID tag index ofgset takes an address and returns a cache line address cache set IDF key • Depends on hardware key and idx 0 idx 2 idx 1 idx 3 idx 0-3 optional Security Domain ID (SDID) • → Unique combination of cache � n ways · 2 bindices + n ways − 1 � possible cache sets lines for each address n ways − Potential index collisions 512 KiB (32 B lines), n ways = 8 , b indices = 11 − One n ways multi-port memory → 2 96 . 7 sets Werner, Unterluggauer, Giner, Schwarz, Gruss, Mangard — Graz University of Technology 8

  13. S CATTER C ACHE - Concept www.tugraz.at We want something that is closer to a traditional cache! instead of this: let’s do this: way 0 way 1 way 2 way 3 key way 0 way 1 way 2 way 3 ofgset SDID set[idx-2] idx 1 ofgset set[idx-1] idx 0 index IDF index cache line idx 2 set[idx+1] addr. tag tag idx 3 set[idx+2] Werner, Unterluggauer, Giner, Schwarz, Gruss, Mangard — Graz University of Technology 9

  14. S CATTER C ACHE - Concept www.tugraz.at key way 0 way 1 way 2 way 3 SDID idx 1 ofgset • Skewed cache [Sez93] ( i.e. , idx 0 traditional cache with additional IDF index addressing logic) and an IDF idx 2 cache line addr. tag • Similar to building larger caches idx 3 from smaller cache slices 2 b indices · n ways possible cache sets • We use random replacement policy (for now) 512 KiB (32 B lines), n ways = 8 , b indices = 11 → 2 88 sets Werner, Unterluggauer, Giner, Schwarz, Gruss, Mangard — Graz University of Technology 10

  15. S CATTER C ACHE - Selecting the IDF www.tugraz.at • Inputs: cache line address, SDID, key • Outputs: n ways indices with b indices bits • Reuse concepts and existing cryptographic primitives • SCv1: hashing variant • Block ciphers (e.g., PRINCE [Bor+12]) • Tweakable block ciphers (e.g., QARMA [Ava17]) • Permutation-based primitives (e.g., Keccak- p [Ber+11]) • SCv2: permutation variant • Prevents birthday-bound index collisions • No off-the-shelf primitives Werner, Unterluggauer, Giner, Schwarz, Gruss, Mangard — Graz University of Technology 11

  16. System Integration

  17. S CATTER C ACHE - System Integration www.tugraz.at • S CATTER C ACHE as last level cache • Hardware managed key • Randomly generated at boot time • Rekeying with full cache flush • Potential for iterative rekeying → concurrently developed CEASER-S @ISCA [Qur19] • SDID management via page table (indirection) • x86: Page Attribute Tables (PATs) • ARM: Memory Attribute Indirection Register (MAIRs) Werner, Unterluggauer, Giner, Schwarz, Gruss, Mangard — Graz University of Technology 12

  18. S CATTER C ACHE - Software Support www.tugraz.at • S CATTER C ACHE requires no software support, default SDID = 0 • But - OS support enables page-wise security domains → shared read-only pages can be private in the cache! • OS can define domains as needed (pages, processes, containers, VMs, . . . ) • Software-based page “rekeying” by changing the SDID Werner, Unterluggauer, Giner, Schwarz, Gruss, Mangard — Graz University of Technology 13

  19. Security and Evaluation

  20. Applicable Cache Attacks www.tugraz.at • Unshared memory has no shared (physical) addresses → No F LUSH +R ELOAD , E VICT +R ELOAD , F LUSH +F LUSH → Specialized P RIME +P ROBE is possible • Shared, read-only memory → Like unshared memory given OS support → Otherwise, eviction-based attacks are hindered • Shared, writable memory can’t be separated → Eviction-based attacks are hindered Werner, Unterluggauer, Giner, Schwarz, Gruss, Mangard — Graz University of Technology 14

  21. S CATTER C ACHE - P RIME +P ROBE www.tugraz.at • No end-to-end attack yet → Simplified setting: perfect control, single access, no noise → Investigate the building blocks in simulation and analytically • Finding congruent addresses ( n ways = 8 , b indices = 11) • Full collisions are unlikely → use partial collisions • Approach in the paper: ≈ 2 25 profiled victim accesses • Generalized by Purnal and Verbauwhede [PV19]: ≈ 2 10 • Evicting one set with 99 % needs 275 addresses • Two P RIME +P ROBE variants ( n ways = 8 , b indices = 12) • 99 % confidence: 35 to 152 victim accesses (repetitions) • Between 9870 and 1216 congruent addresses • Investigate the effect of noise (coupon collector problem) Werner, Unterluggauer, Giner, Schwarz, Gruss, Mangard — Graz University of Technology 15

  22. S CATTER C ACHE - Performance www.tugraz.at • Micro benchmarks using the gem5 full system simulator (ARM) • Poky Linux from Yocto 2.5 (kernel version 4.14.67) • GAP , MiBench, lmbench, scimark2 • SPEC CPU 2017 on custom cache simulator • Cache hit rate always at or above levels of set-associative cache with random replacement • Typically 2 % − 4 % below LRU on micro benchmarks, 0 % − 2 % for SPEC Werner, Unterluggauer, Giner, Schwarz, Gruss, Mangard — Graz University of Technology 16

  23. Conclusion www.tugraz.at • S CATTER C ACHE builds upon skewed caches and low latency cryptographic primitives • Breaks the fixed link between addresses and cache sets • Removes the rigid assignment of cache lines to sets • Enables software control over the cache congruencies via SDIDs • Comparable performance to contemporary caches • Harder to attack even in very strong attack models • Attacks are probabilistic and demand new approaches • Still, more analysis is required in more realistic models to determine if and how often rekeying is needed Werner, Unterluggauer, Giner, Schwarz, Gruss, Mangard — Graz University of Technology 17

  24. Acknowledgements - We want to thank ... www.tugraz.at • the anonymous USENIX reviewers. • our shepherd Yossi Oren. • Antoon Purnal and Ingrid Verbauwhede from KU Leuven for their analysis. • Our funding partners: • European Research Council (ERC) Horizon 2020 grant agreement No 681402 • Intel Werner, Unterluggauer, Giner, Schwarz, Gruss, Mangard — Graz University of Technology 18

  25. S CATTER C ACHE : Thwarting Cache Attacks via Cache Set Randomization Werner, Unterluggauer, Giner, Schwarz, Gruss, Mangard August 15, 2019 Graz University of Technology

Recommend

Dealing with cache based attacks in cryptography Speculating on cache attacks Simo Sorce Sr.

Dealing with cache based attacks in cryptography Speculating on cache attacks Simo Sorce Sr.

Dealing with cache based attacks in cryptography Speculating on cache attacks Simo Sorce Sr. Principal Software Engineer 2019/02/19 What are cache based attacks ? In cryptography In cryptographic operations, leaking the internal state of a

338 views • 8 slides
1 Classifying cache misses Cache Organization Classifying misses by causes (3Cs) Cache size,

1 Classifying cache misses Cache Organization Classifying misses by causes (3Cs) Cache size,

Cache Performance Metrics Cache miss rate: number of cache misses divided by number of accesses Lecture 14: Hardware Approaches for Cache Optimizations Cache hit time: the time between sending address and data returning from cache Cache

608 views • 4 slides
Web Cache Consistency Web Cache Consistency Web Cache Consistency Web Cache Consistency

Web Cache Consistency Web Cache Consistency Web Cache Consistency Web Cache Consistency

Web Cache Consistency Web Cache Consistency Web Cache Consistency Web Cache Consistency Requirements of performance, availability, and disconnected operation require us to relax the goal of semantic transparency. - HTTP 1.1 specification

598 views • 13 slides
L09: Cache Name: ID: Question: Direct Mapping Cache Hit Rate Consider a 4-block empty Cache,

L09: Cache Name: ID: Question: Direct Mapping Cache Hit Rate Consider a 4-block empty Cache,

L09: Cache Name: ID: Question: Direct Mapping Cache Hit Rate Consider a 4-block empty Cache, and all blocks initially marked as not valid , Given the main memory word addresses 0 1 2 3 4 3 4 15, calculate Cache hit rate. Cache Index

654 views • 9 slides
NetCAT : Practical Cache Attacks from the Network Michael Kurth , Ben Gras, Dennis Andriesse,

NetCAT : Practical Cache Attacks from the Network Michael Kurth , Ben Gras, Dennis Andriesse,

NetCAT : Practical Cache Attacks from the Network Michael Kurth , Ben Gras, Dennis Andriesse, Cristiano Giuffrida, Herbert Bos, Kaveh Razavi Cache Attack from the Network Client Server Remote Cache Attack SSH 2 Network Cache Attack 3

794 views • 32 slides
What Is Memory Hierarchy A typical memory hierarchy today: Lecture 13: Cache Basics and Cache

What Is Memory Hierarchy A typical memory hierarchy today: Lecture 13: Cache Basics and Cache

What Is Memory Hierarchy A typical memory hierarchy today: Lecture 13: Cache Basics and Cache Performance Proc/Regs L1-Cache Bigger Faster L2-Cache Memory hierarchy concept, cache L3-Cache (optional) design fundamentals, set-associative

303 views • 4 slides
Cache Performance Associativity Replacement Samira Khan Cache Performance March 28,

Cache Performance Associativity Replacement Samira Khan Cache Performance March 28,

3/28/17 Agenda Review from last lecture Cache access Cache Performance Associativity Replacement Samira Khan Cache Performance March 28, 2017 Direct-Mapped Cache: Placement and Access Cache Abstraction and Metrics 00 | 000

518 views • 16 slides
Plan Hierarchical memories and their impact on our programs 1 Cache Memories, Cache Complexity

Plan Hierarchical memories and their impact on our programs 1 Cache Memories, Cache Complexity

Plan Hierarchical memories and their impact on our programs 1 Cache Memories, Cache Complexity Cache Analysis in Practice 2 Marc Moreno Maza The Ideal-Cache Model 3 University of Western Ontario, London, Ontario (Canada) Cache Complexity

632 views • 25 slides
An Analytical Model for Tim e-Driven Cache Attacks Kris Tiri Onur Ac imez Michael Neve

An Analytical Model for Tim e-Driven Cache Attacks Kris Tiri Onur Ac imez Michael Neve

An Analytical Model for Tim e-Driven Cache Attacks Kris Tiri Onur Ac imez Michael Neve Flemming Andersen Outline Motivation Cache attacks: origins, time-driven attack Strength of an implementation Analytical model of

685 views • 19 slides
DNSSEC aggressive cache (RFC 8198) Protection from random subdomain attacks Petr paek

DNSSEC aggressive cache (RFC 8198) Protection from random subdomain attacks Petr paek

DNSSEC aggressive cache (RFC 8198) Protection from random subdomain attacks Petr paek petr.spacek@nic.cz 2018-05-16 Talk outline Aggressive cache theory expectations efficiency Normal traffic measurements

823 views • 30 slides
Generations of Cache 1980: no cache in proc; 1989 first Intel proc with a cache on chip.

Generations of Cache 1980: no cache in proc; 1989 first Intel proc with a cache on chip.

Generations of Cache 1980: no cache in proc; 1989 first Intel proc with a cache on chip. 1995 2-level cache on chip Instructions Per Cycle Lost to Memory 1st Alpha 340 ns/5.0 ns = 68 clks x 2 or 136 2nd Alpha 266 ns/3.3 ns

588 views • 46 slides
Cache-Timing Attacks Matteo BOCCHI System Research & Applications STMicroelectronics S.r.l.

Cache-Timing Attacks Matteo BOCCHI System Research & Applications STMicroelectronics S.r.l.

Cache-Timing Attacks Matteo BOCCHI System Research & Applications STMicroelectronics S.r.l. 2018/12/06 Agenda 2 STM32 Nucleo Boards STM32 Firewall Cache-Timing Attack Evict&Time vs. MbedTLS AES on STM32

477 views • 20 slides
Cache attacks: From side channels to fault attacks Clmentine Maurice CNRS, Rennes, France

Cache attacks: From side channels to fault attacks Clmentine Maurice CNRS, Rennes, France

Cache attacks: From side channels to fault attacks Clmentine Maurice CNRS, Rennes, France November 16, 2017 Cryptacus Workshop, Nijmegen, Netherlands the attacker only needs unprivileged execution on the victims machine

1.99k views • 164 slides
Caches Electronic Computers M Caches 1 Cache LOCALITY PRINCIPLE (SPATIAL AND TEMPORAL)

Caches Electronic Computers M Caches 1 Cache LOCALITY PRINCIPLE (SPATIAL AND TEMPORAL)

Caches Electronic Computers M Caches 1 Cache LOCALITY PRINCIPLE (SPATIAL AND TEMPORAL) WORKING SET CPU Cache Registers Cache I lev. Cache II lev. Cache III lev. Memory Disk Tape The cache is a memory with an access time some

572 views • 55 slides
1 Locate set Cache Read Example: Direct Mapped Cache (E = 1) Check if any line in set

1 Locate set Cache Read Example: Direct Mapped Cache (E = 1) Check if any line in set

Today Cache memory organization and operation Performance impact of caches Cache Memories The memory mountain Rearranging loops to improve spatial locality Using blocking to improve temporal locality CSci 2021: Machine

102 views • 8 slides
CSE378 - Cache Performance metrics for caches Parameters for cache design Basic performance

CSE378 - Cache Performance metrics for caches Parameters for cache design Basic performance

CSE378 - Cache Performance metrics for caches Parameters for cache design Basic performance metric: hit ratio h Goal: Have h as high as possible without paying too much for T cache h = Number of memory references that hit in the cache /

427 views • 6 slides
Memory Hierarchy: Cache Memory hierarchy Cache basics Locality Cache organization Cache-aware

Memory Hierarchy: Cache Memory hierarchy Cache basics Locality Cache organization Cache-aware

Memory Hierarchy: Cache Memory hierarchy Cache basics Locality Cache organization Cache-aware programming How does execution time grow with SIZE? int[] array = new int[SIZE]; fillArrayRandomly(array); int s = 0; for (int i = 0; i <

847 views • 48 slides
Direct Map Cache and Set Associative Cache (Revision) Lecture 14 CDA 3103 07-07-2014 Example 1

Direct Map Cache and Set Associative Cache (Revision) Lecture 14 CDA 3103 07-07-2014 Example 1

Direct Map Cache and Set Associative Cache (Revision) Lecture 14 CDA 3103 07-07-2014 Example 1 A set-associative cache consists of 64 lines, or slots, divided into four-line sets. Main memory contains 4K blocks of 128 words each. Show the

357 views • 19 slides
Cache Creek Placer Area Fee Proposal History of Placer Mining at Cache Creek Prospecting in

Cache Creek Placer Area Fee Proposal History of Placer Mining at Cache Creek Prospecting in

Cache Creek Placer Area Fee Proposal History of Placer Mining at Cache Creek Prospecting in Colorado began in 1858 1859, First discovery of gold in Cache Creek Park 1860, Campbell and Shoewalter excavated their first pits in Cache

298 views • 13 slides
I Know Where Youve Been: ! Geo-Inference Attacks via the Browser Cache ! Yaoqi Jia Yaoqi Jia

I Know Where Youve Been: ! Geo-Inference Attacks via the Browser Cache ! Yaoqi Jia Yaoqi Jia

I Know Where Youve Been: ! Geo-Inference Attacks via the Browser Cache ! Yaoqi Jia Yaoqi Jia , Xinshu Dong , Zhenkai Liang , Prateek Saxena ! School of Computing, National University of Singapore ! Advanced Digital

496 views • 28 slides
Cache Memory Chapter 17 S. Dandamudi Outline Introduction Types of cache misses

Cache Memory Chapter 17 S. Dandamudi Outline Introduction Types of cache misses

Cache Memory Chapter 17 S. Dandamudi Outline Introduction Types of cache misses How cache memory works Types of caches Why cache memory works Example implementations Cache design basics Pentium PowerPC

813 views • 28 slides
Cache Memory Chapter 17 S. Dandamudi Outline Introduction Types of cache misses

Cache Memory Chapter 17 S. Dandamudi Outline Introduction Types of cache misses

Cache Memory Chapter 17 S. Dandamudi Outline Introduction Types of cache misses How cache memory works Types of caches Why cache memory works Example implementations Pentium Cache design basics PowerPC

802 views • 56 slides
System-Level Protection Against Cache-Based Side Channel Attacks in the Cloud Taesoo Kim, Marcus

System-Level Protection Against Cache-Based Side Channel Attacks in the Cloud Taesoo Kim, Marcus

System-Level Protection Against Cache-Based Side Channel Attacks in the Cloud Taesoo Kim, Marcus Peinado, Gloria Mainar-Ruiz MIT CSAIL Microsoft Research Security is a big concern in cloud adoption Why are cache-based side channel

588 views • 38 slides
Cache Memories, Cache Complexity Marc Moreno Maza University of Western Ontario, London, Ontario

Cache Memories, Cache Complexity Marc Moreno Maza University of Western Ontario, London, Ontario

Cache Memories, Cache Complexity Marc Moreno Maza University of Western Ontario, London, Ontario (Canada) CS3101 and CS4402-9635 Plan Hierarchical memories and their impact on our programs Cache Analysis in Practice The Ideal-Cache Model

1.18k views • 100 slides

More recommend