Cache Side Channel Defense System -Ezgi Demirayak

From CS486wiki
Jump to navigationJump to search

Cache Side Channel Attacks

When a program needs a particular data object  from level, it first looks for  in one of the blocks currently stored at level. If  happens to be cached at level  , then we have what is called a cache hit. The program reads  directly from level, which by the nature of the memory hierarchy is faster than reading from level. For example, a program with good temporal locality might read a data object from block 14, resulting in a cache hit from level. Although caches are highly effective in reducing average memory access time and thus widely used in modern proces- sors, their internal functionalities, i.e., hit/miss behaviors, were shown to leak critical information that puts trusted software implementations in an unforeseen danger.

Software cache-based side channel attacks present a serious threat to computer systems. There exist mainly two types of software cache-based sidechannel attacks: access-driven and time-driven attacks. In access-driven attacks, the adversary has control over one or multiple spy processes, which share the cache with the victim process. Due to cache sharing, the victim process may evict the spy process’ cache lines/entries when it accesses keydependent (i.e., critical) cache lines/entries. By measuring the access times of itsowncache lines/entries, the spy process can figure out which cache lines/entries are evicted by the victim process. Such cache access behavior of the victim process may leak enough information for the adversary to infer the key. In time-driven attacks, the adversary sends various encryption/decryption requests to the target crypto process. Upon receiving responses, the adversary records the encryption times. Since the secret key may correlate to different number of cache misses upon different inputs/ outputs, the variations among encryption times may provide sufficient information for the adversary to derive the key.

I'm researching in order to find a defense system to prevent the attackers from reaching LLC.

2 October: Met with Prof. Ponomarev in order to discuss the questions that I have. Also we determined what part of the paper I will be working on. I will develop a defense mechanism to protect writable data in caches.

4 October: I researched AES cypher which is a symmetric cypher. https://engineering.purdue.edu/kak/compsec/NewLectures/Lecture8.pdf

7 October : I've read Prof. Dmitry Ponomarev's publication about Cache Side Channel Attacks.

9 October: Learned the basics of M-sim simulator from a graduate student of Prof.Ponomarev in order to use it when I need statistics.

10 October: I've read articles about El-Gamal cipher. http://www14.in.tum.de/konferenzen/Jass05/courses/1/papers/meier_paper.pdf http://www.asecuritysite.com/encryption/elgamal

18 October Worked on a possible solution. File:/Users/demirayak/Desktop/20151023 102303.jpg.jpg


21 October Worked on a possible solution.

File:/Users/demirayak/Desktop/20151023 102056.jpg 23 October Weekly meeting with Professor.Ponomarev.

Retrieved from "https://www.cs.binghamton.edu/~steflik/wiki/index.php?title=Cache_Side_Channel_Defense_System_-Ezgi_Demirayak&oldid=7992"