Over the last two decades, the danger of sharing resources between programs has been repeatedly highlighted. Multiple side-channel attacks, which seek to exploit shared components for leaking information, have been devised, mostly targeting shared caching components. In response, the research community has proposed multiple cache designs that aim at curbing the source of side channels. With multiple competing designs, there is a need for assessing the level of security against side-channel attacks that each design offers. In this work we propose CacheFX, a flexible framework for assessing and evaluating the resilience of cache designs to side-channel attacks. CacheFX allows the evaluator to implement various cache designs, victims, and attackers, as well as to exercise them for assessing the leakage of information via the cache. To demonstrate the power of CacheFX, we implement multiple cache designs and replacement algorithms, and devise three evaluation metrics that measure different aspects of the caches: (1) the entropy induced by a memory access; (2) the complexity of building an eviction set; and (3) protection against cryptographic attacks. Our experiments highlight that different security metrics give different insights into designs, making a comprehensive analysis mandatory. For instance, while eviction-set building was fastest for randomized skewed caches, these caches featured lower eviction entropy and higher practical attack complexity. Our experiments show that all non-partitioned designs allow for effective cryptographic attacks. However, in state-of-the-art secure caches, eviction-based attacks are more difficult to mount than occupancy-based attacks, highlighting the need to consider the latter in cache design.