Articles producció científica> Enginyeria Informàtica i Matemàtiques

A Security Model for Randomization-based Protected Caches

  • Dades identificatives

    Identificador: imarina:9280516
    Autors:
    Ribes-González JFarràs OHernández CKostalabros VMoretó M
    Resum:
    Cache side-channel attacks allow adversaries to learn sensitive information about co-running processes by using only access latency measures and cache contention. This vulnerability has been shown to lead to several microarchitectural attacks. As a promising solution, recent work proposes Randomization-based Protected Caches (RPCs). RPCs randomize cache addresses, changing keys periodically so as to avoid long-term leakage. Unfortunately, recent attacks have called the security of state-of-the-art RPCs into question. In this work, we tackle the problem of formally defining and analyzing the security properties of RPCs. We first give security definitions against access-based cache side-channel attacks that capture security against known attacks such as Prime+Probe and Evict+Probe. Then, using these definitions, we obtain results that allow to guarantee security by adequately choosing the rekeying period, the key generation algorithm and the cache randomizer, thus providing security proofs for RPCs under certain assumptions.
  • Altres:

    Autor segons l'article: Ribes-González J; Farràs O; Hernández C; Kostalabros V; Moretó M
    Departament: Enginyeria Informàtica i Matemàtiques
    Autor/s de la URV: Farràs Ventura, Oriol / Ribes Gonzalez, Jordi
    Paraules clau: Timing attacks Security definition Randomly-mapped caches Randomization-based protected caches Pseudo-random functions Cache side-channel attacks
    Resum: Cache side-channel attacks allow adversaries to learn sensitive information about co-running processes by using only access latency measures and cache contention. This vulnerability has been shown to lead to several microarchitectural attacks. As a promising solution, recent work proposes Randomization-based Protected Caches (RPCs). RPCs randomize cache addresses, changing keys periodically so as to avoid long-term leakage. Unfortunately, recent attacks have called the security of state-of-the-art RPCs into question. In this work, we tackle the problem of formally defining and analyzing the security properties of RPCs. We first give security definitions against access-based cache side-channel attacks that capture security against known attacks such as Prime+Probe and Evict+Probe. Then, using these definitions, we obtain results that allow to guarantee security by adequately choosing the rekeying period, the key generation algorithm and the cache randomizer, thus providing security proofs for RPCs under certain assumptions.
    Àrees temàtiques: Software Signal processing Hardware and architecture Computer networks and communications Computer graphics and computer-aided design Artificial intelligence
    Accès a la llicència d'ús: https://creativecommons.org/licenses/by/3.0/es/
    Adreça de correu electrònic de l'autor: oriol.farras@urv.cat
    Identificador de l'autor: 0000-0002-7495-5980
    Data d'alta del registre: 2024-09-07
    Versió de l'article dipositat: info:eu-repo/semantics/publishedVersion
    Enllaç font original: https://tches.iacr.org/index.php/TCHES/article/view/9693
    URL Document de llicència: https://repositori.urv.cat/ca/proteccio-de-dades/
    Referència a l'article segons font original: Iacr Transactions On Cryptographic Hardware And Embedded Systems. 2022 (3): 1-25
    Referència de l'ítem segons les normes APA: Ribes-González J; Farràs O; Hernández C; Kostalabros V; Moretó M (2022). A Security Model for Randomization-based Protected Caches. Iacr Transactions On Cryptographic Hardware And Embedded Systems, 2022(3), 1-25. DOI: 10.46586/tches.v2022.i3.1-25
    DOI de l'article: 10.46586/tches.v2022.i3.1-25
    Entitat: Universitat Rovira i Virgili
    Any de publicació de la revista: 2022
    Tipus de publicació: Journal Publications
  • Paraules clau:

    Artificial Intelligence,Computer Graphics and Computer-Aided Design,Computer Networks and Communications,Hardware and Architecture,Signal Processing,Software
    Timing attacks
    Security definition
    Randomly-mapped caches
    Randomization-based protected caches
    Pseudo-random functions
    Cache side-channel attacks
    Software
    Signal processing
    Hardware and architecture
    Computer networks and communications
    Computer graphics and computer-aided design
    Artificial intelligence
  • Documents:

  • Cerca a google

    Search to google scholar