A Formal Methodology for Verifying Side-Channel Vulnerabilities in Cache Architectures

  • Conference paper
  • Published in: Formal Methods and Software Engineering (ICFEM 2022)
  • Part of the book series: Lecture Notes in Computer Science (LNCS, volume 13478)

Abstract

Security-aware CPU caches have been designed to mitigate side-channel attacks and prevent information leakage, but validating the effectiveness of these designs remains an open problem. Prior works assess the security of cache architectures empirically, without a formal guarantee, which makes their evaluation results less convincing. In this paper, we propose a comprehensive methodology based on formal methods for the security verification of cache architectures. Specifically, we design an entropy-based noninterference reasoning framework with two unwinding conditions to assess the information leakage of cache designs. The framework quantifies the dependency between a side channel's input and output as the mutual information between their distributions. Given a cache design, we formalize its behavior specification together with its cache layout as an abstract state machine, which instantiates the parameterized reasoning framework and discloses potential vulnerabilities. We apply the methodology to eight state-of-the-art cache architectures to demonstrate its reliability and flexibility.
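To make the abstract's central quantity concrete, the following is an added example written for this page; it is not the paper's Isabelle/HOL development or any artifact of the authors. It models three simplified cache designs as small state machines, runs one Prime+Probe round against each, and computes the mutual information between the victim's secret-dependent set index S and the attacker's hit/miss observation Y by exact enumeration, so that I(S; Y) = 0 coincides with probabilistic noninterference. The cache size (four sets), the domain names "victim"/"attacker", the three designs and the per-instance random permutation are assumptions chosen for illustration; the "domain_randomized" model in particular is a toy abstraction and is not a model of any specific published randomized cache.

```python
"""Added example: leakage of abstract cache designs as mutual information.

Not the paper's artifact.  Three toy caches are modelled as state machines,
one Prime+Probe round is run against each, and I(S; Y) between the victim's
secret-dependent set index S and the attacker's hit/miss pattern Y is computed
by exact enumeration.  I(S; Y) = 0 is probabilistic noninterference.
"""
from collections import defaultdict
from fractions import Fraction
from itertools import permutations
from math import log2

N_SETS = 4                      # assumption: tiny cache so every case is enumerable
VICTIM, ATTACKER = "victim", "attacker"   # assumed security-domain labels


class Cache:
    """Set-associative cache with LRU replacement, as an abstract state machine.

    A line is a (domain, address) pair.  index_fn(domain, addr) picks the set;
    way_partition (domain -> ways) statically splits each set between domains,
    otherwise all domains share all ways of a set.
    """

    def __init__(self, n_sets, n_ways, index_fn=None, way_partition=None):
        self.n_sets = n_sets
        self.n_ways = n_ways
        self.index_fn = index_fn or (lambda _dom, addr: addr % n_sets)
        self.way_partition = way_partition
        self.lines = defaultdict(list)      # (set, partition) -> LRU list, MRU last

    def capacity(self, domain):
        """Number of ways in each set that this domain may occupy."""
        return self.n_ways if self.way_partition is None else self.way_partition[domain]

    def access(self, domain, addr):
        """Touch a line; return True on hit, False on miss; update LRU state."""
        idx = self.index_fn(domain, addr)
        key = (idx, None if self.way_partition is None else domain)
        lines = self.lines[key]
        line = (domain, addr)
        hit = line in lines
        if hit:
            lines.remove(line)
        elif len(lines) >= self.capacity(domain):
            lines.pop(0)                    # evict the least recently used line
        lines.append(line)
        return hit


def prime_probe(cache, secret):
    """One Prime+Probe round; the side-channel output Y is the attacker's miss pattern."""
    probe = range(cache.n_sets * cache.capacity(ATTACKER))  # fills every attacker-visible way
    for a in probe:
        cache.access(ATTACKER, a)           # prime
    cache.access(VICTIM, secret)            # secret-dependent victim access
    return tuple(not cache.access(ATTACKER, a) for a in probe)   # probe


def mutual_information(make_cache, secrets, nonces):
    """I(S; Y) in bits, S uniform over `secrets`, averaged over the design's own
    randomness `nonces` = [(probability, value), ...] passed to make_cache."""
    p_s = Fraction(1, len(secrets))
    joint = defaultdict(Fraction)
    for s in secrets:
        for p_r, r in nonces:
            joint[(s, prime_probe(make_cache(r), s))] += p_s * p_r
    p_y = defaultdict(Fraction)
    for (_, y), p in joint.items():
        p_y[y] += p
    return sum(float(p) * log2(float(p / (p_s * p_y[y]))) for (_, y), p in joint.items())


def conventional(_r):
    """Shared, address-indexed, direct-mapped cache: the victim evicts the attacker's line."""
    return Cache(N_SETS, n_ways=1)


def way_partitioned(_r):
    """Two ways per set, statically split one per domain: the victim never evicts an attacker line."""
    return Cache(N_SETS, n_ways=2, way_partition={VICTIM: 1, ATTACKER: 1})


def domain_randomized(perm):
    """Victim lines are placed through a per-instance secret permutation of the set
    index unknown to the attacker; attacker lines use the plain index (toy abstraction)."""
    def index(domain, addr):
        return perm[addr % N_SETS] if domain == VICTIM else addr % N_SETS
    return Cache(N_SETS, n_ways=1, index_fn=index)


SECRETS = range(N_SETS)
FIXED = [(Fraction(1), None)]                       # deterministic designs
_PERMS = list(permutations(range(N_SETS)))
ALL_PERMS = [(Fraction(1, len(_PERMS)), p) for p in _PERMS]   # uniform secret permutation


def leakage_report():
    """Bits of the secret leaked to the attacker per Prime+Probe round, per design."""
    return {
        "conventional": mutual_information(conventional, SECRETS, FIXED),
        "way_partitioned": mutual_information(way_partitioned, SECRETS, FIXED),
        "domain_randomized": mutual_information(domain_randomized, SECRETS, ALL_PERMS),
    }


if __name__ == "__main__":
    for design, bits in leakage_report().items():
        print(f"{design:18s} I(S;Y) = {bits:.3f} bits (max {log2(N_SETS):.0f})")
```

The conventional cache leaks the full log2(N_SETS) = 2 bits in a single round, while the two hardened designs leak zero bits for this one-round experiment. The zero for the randomized model deserves a caveat: it holds because the permutation is drawn fresh per instance. If the same mapping persists across rounds, the attacker can still learn whether two successive secrets collide, so single-observation mutual information underestimates leakage; a sound evaluation has to reason about sequences of state-machine transitions, which is why unwinding conditions over the transition relation matter rather than a one-shot measurement. Exact enumeration is only viable because the toy cache is tiny; real designs need the symbolic treatment the paper proposes.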

Notes

  1. We follow the Isabelle/HOL definition where the cardinality of infinite sets is zero.

  2. Interested readers can refer here for the reasoning framework and verification cases.

Acknowledgements

This work has been supported in part by Singapore National Research Foundation under its National Cybersecurity R&D Programme (NCR Award NRF2018 NCR-NCR009-0001), Singapore Ministry of Education (MOE) AcRF Tier 1 RS02/19, NTU Start-up grant, and the National Natural Science Foundation of China (NSFC) under the Grant No. 62132014 and by Key R&D Program of Zhejiang Province under the Grant No. 62132014.

Author information

Correspondence to Ke Jiang or Tianwei Zhang.

Copyright information

© 2022 Springer Nature Switzerland AG

About this paper

Cite this paper

Jiang, K., Zhang, T., Sanán, D., Zhao, Y., Liu, Y. (2022). A Formal Methodology for Verifying Side-Channel Vulnerabilities in Cache Architectures. In: Riesco, A., Zhang, M. (eds) Formal Methods and Software Engineering. ICFEM 2022. Lecture Notes in Computer Science, vol 13478. Springer, Cham. https://doi.org/10.1007/978-3-031-17244-1_12

  • DOI: https://doi.org/10.1007/978-3-031-17244-1_12

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-17243-4

  • Online ISBN: 978-3-031-17244-1
