Casa: End-to-end quantitative security analysis of randomly mapped caches
It is well known that there are micro-architectural vulnerabilities that enable an attacker to
use caches to exfiltrate secrets from a victim. These vulnerabilities exploit the fact that the …
use caches to exfiltrate secrets from a victim. These vulnerabilities exploit the fact that the …
Systematic analysis of randomization-based protected cache architectures
Recent secure cache designs aim to mitigate side-channel attacks by randomizing the
mapping from memory addresses to cache sets. As vendors investigate deployment of these …
mapping from memory addresses to cache sets. As vendors investigate deployment of these …
Randomized last-level caches are still vulnerable to cache side-channel attacks! but we can fix it
Cache randomization has recently been revived as a promising defense against conflict-
based cache side-channel attacks. As two of the latest implementations, CEASER-S and …
based cache side-channel attacks. As two of the latest implementations, CEASER-S and …
Advanced profiling for probabilistic Prime+ Probe attacks and covert channels in ScatterCache
A Purnal, I Verbauwhede - arXiv preprint arXiv:1908.03383, 2019 - arxiv.org
Timing channels in cache hierarchies are an important enabler in many microarchitectural
attacks. ScatterCache (USENIX 2019) is a protected cache architecture that randomizes the …
attacks. ScatterCache (USENIX 2019) is a protected cache architecture that randomizes the …
{ScatterCache}: thwarting cache attacks via cache set randomization
Cache side-channel attacks can be leveraged as a building block in attacks leaking secrets
even in the absence of software bugs. Currently, there are no practical and generic …
even in the absence of software bugs. Currently, there are no practical and generic …
Bespoke cache enclaves: Fine-grained and scalable isolation from cache side-channels via flexible set-partitioning
G Saileshwar, S Kariyappa… - … Symposium on Secure …, 2021 - ieeexplore.ieee.org
Cache partitioning is a principled defense against side-channel attacks on shared last-level
caches (LLCs). Such defenses allocate isolated cache regions to distrusting applications …
caches (LLCs). Such defenses allocate isolated cache regions to distrusting applications …
Prime+ Scope: Overcoming the observer effect for high-precision cache contention attacks
Modern processors expose software to information leakage through shared
microarchitectural state. One of the most severe leakage channels is cache contention …
microarchitectural state. One of the most severe leakage channels is cache contention …
NetCAT: Practical cache attacks from the network
M Kurth, B Gras, D Andriesse… - … IEEE Symposium on …, 2020 - ieeexplore.ieee.org
Increased peripheral performance is causing strain on the memory subsystem of modern
processors. For example, available DRAM throughput can no longer sustain the traffic of a …
processors. For example, available DRAM throughput can no longer sustain the traffic of a …
Attack directories, not caches: Side channel attacks in a non-inclusive world
M Yan, R Sprabery, B Gopireddy… - … IEEE Symposium on …, 2019 - ieeexplore.ieee.org
Although clouds have strong virtual memory isolation guarantees, cache attacks stemming
from shared caches have proved to be a large security problem. However, despite the past …
from shared caches have proved to be a large security problem. However, despite the past …
Are randomized caches truly random? Formal analysis of randomized-partitioned caches
Cache based side-channel attacks exploit the fact that an adversary can setup the shared
cache memory (the last level cache in modern systems) into a known state and detect any …
cache memory (the last level cache in modern systems) into a known state and detect any …