Background
Shared caches are vulnerable to side channel attacks through contention in cache sets. Contention attacks, as opposed to reuse attacks, depend on having a shared cache between the attacker and the victim and do not require the presence of shared memory. Existing solutions to prevent these attacks resort to partitioning or hiding the mapping between the addresses and their location in the cache by using encryption, which can take multiple extra cycles per access. Static encryption is also susceptible to rapidly advancing attacks, and even those keys that can be changed frequently to prevent the discovery of eviction sets do so at a significant power and performance impact. Another common shortfall with existing defense techniques is their requirement of identified security domains for the defense to be effective.
Technology Overview
The fundamental design aspect that contention attacks exploit is the deterministic nature of the set of addresses contending for a cache set. RollingCache dynamically changes the set of addresses contending for cache sets. Unlike prior defenses, RollingCache does not rely on additional computationally-expensive address encryption, thereby eliminating multiple additional cycles required per access by these designs. It uses one level of indirection to implement dynamic mapping controlled by the whole-cache runtime behavior. This solution does not depend on having defined security domains and can defend against an attacker running on the same or another core.
Benefits
Security evaluation of RollingCache has shown its dynamic mapping to remove the deterministic ability to identify the source of contention. The performance evaluation shows an impact of 1.34% over a mix of workloads, with a corresponding increase in power consumption of ~2% and an area overhead of ~3%.
Applications
Cache security design systems