A Security Model for Randomization-based Protected Caches

Jordi Ribes-González; Oriol Farràs; Carles Hernández; Vatistas Kostalabros; Miquel Moretó

doi:10.46586/tches.v2022.i3.1-25

Authors

Jordi Ribes-González Universitat Rovira i Virgili, Tarragona, Spain
Oriol Farràs Universitat Rovira i Virgili, Tarragona, Spain
Carles Hernández Universitat Politècnica de València, València, Spain
Vatistas Kostalabros Barcelona Supercomputing Center, Barcelona, Spain
Miquel Moretó Barcelona Supercomputing Center, Barcelona, Spain

DOI:

https://doi.org/10.46586/tches.v2022.i3.1-25

Keywords:

Cache side-channel attacks, Timing attacks, Randomization-based protected caches, Randomly-mapped caches, Pseudo-random functions, Security definition

Abstract

Cache side-channel attacks allow adversaries to learn sensitive information about co-running processes by using only access latency measures and cache contention.
This vulnerability has been shown to lead to several microarchitectural attacks. As a promising solution, recent work proposes Randomization-based Protected Caches (RPCs). RPCs randomize cache addresses, changing keys periodically so as to avoid long-term leakage. Unfortunately, recent attacks have called the security of state-of-the-art RPCs into question.
In this work, we tackle the problem of formally defining and analyzing the security properties of RPCs. We first give security definitions against access-based cache sidechannel attacks that capture security against known attacks such as Prime+Probe and Evict+Probe. Then, using these definitions, we obtain results that allow to guarantee security by adequately choosing the rekeying period, the key generation algorithm and the cache randomizer, thus providing security proofs for RPCs under certain assumptions.

A Security Model for Randomization-based Protected Caches

Authors

DOI:

Keywords:

Abstract

Downloads

Published

How to Cite

Issue

Section

License

iacr-logo

Usage Statistics Information