Home // CYBER 2020, The Fifth International Conference on Cyber-Technologies and Cyber-Systems // View article

PCache: Permutation-based Cache to Counter Eviction-based Cache-based Side-Channel Attacks

Authors:
Muhammad Asim Mukhtar
Muhammad Khurram Bhatti
Guy Gogniat

Keywords: Cache-based side-channel attacks, Randomization, Prime+Probe attack

Abstract:
Eviction-based cache-based side-channel attacks (SCAs) are continuously increasing confidentiality issues in computing systems. To mitigate these attacks, randomization-based countermeasures have raised interest because these have the potential to achieve strong security and high performance while retaining the cache features such as high-associativity and operate without the involvement of system software. However, existing countermeasures are proved to be less secure because of the small eviction set size or weak indexing functions used in them. To cope with this issue, we propose a novel randomization-based architecture, called PCache, which introduces hidden members in the eviction sets to enlarge their size, which makes it difficult for an attacker to launch eviction-based cache-based SCAs. PCache replaces cache lines in multiple steps by passing through different permutation functions, which consider bits of tag and index part of the memory address in the replacement process and result in strong indexing function. Experimental evaluations show that PCache provides high security. For a 10 MB cache, an attacker needs 2 years to find the eviction set and can launch eviction-based cache-based SCAs with only 28% confidence level. Moreover, PCache performance overhead is only 1.6% at maximum as compared to classical set-associative caches.

Pages: 1 to 6

Copyright: Copyright (c) IARIA, 2020

Publication date: October 25, 2020

Published in: conference

ISSN: 2519-8599

ISBN: 978-1-61208-818-1

Location: Nice, France

Dates: from October 25, 2020 to October 29, 2020