Non-monopolizable caches: Low-complexity mitigation of cache side channel attacks

Non-monopolizable caches: Low-complexity mitigation of cache side channel attacks

We propose a flexibly-partitioned cache design that either drastically weakens or completely eliminates cache-based side channel attacks. The proposed Non-Monopolizable (NoMo) cache dynamically reserves cache lines for active threads and prevents other co-executing threads from evicting reserved lin...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:ACM transactions on architecture and code optimization 2012-01, Vol.8 (4), p.1-21
Hauptverfasser: Domnitser, Leonid, Jaleel, Aamer, Loew, Jason, Abu-Ghazaleh, Nael, Ponomarev, Dmitry
Format: Artikel
Sprache:eng
Schlagworte:
Algorithms
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:We propose a flexibly-partitioned cache design that either drastically weakens or completely eliminates cache-based side channel attacks. The proposed Non-Monopolizable (NoMo) cache dynamically reserves cache lines for active threads and prevents other co-executing threads from evicting reserved lines. Unreserved lines remain available for dynamic sharing among threads. NoMo requires only simple modifications to the cache replacement logic, making it straightforward to adopt. It requires no software support enabling it to automatically protect pre-existing binaries. NoMo results in performance degradation of about 1% on average. We demonstrate that NoMo can provide strong security guarantees for the AES and Blowfish encryption algorithms.
ISSN:1544-3566
1544-3973
DOI:10.1145/2086696.2086714