当前位置: X-MOL 学术IEEE Micro › 论文详情
Our official English website, www.x-mol.net, welcomes your feedback! (Note: you will need to create a separate account there.)
Leaking Secrets Through Compressed Caches
IEEE Micro ( IF 2.8 ) Pub Date : 2021-03-26 , DOI: 10.1109/mm.2021.3069158
Po-An Tsai 1 , Andres Sanchez 2 , Christopher W. Fletcher 3 , Daniel Sanchez 4
Affiliation  

We offer the first security analysis of cache compression, a promising architectural technique that is likely to appear in future mainstream processors. We find that cache compression has novel security implications because the compressibility of a cache line reveals information about its contents. Compressed caches introduce a new side channel that is especially insidious, as simply storing data transmits information about the data. We present two techniques that make attacks on compressed caches practical. Pack+Probe allows an attacker to learn the compressibility of victim cache lines, and Safecracker leaks secret data efficiently by strategically changing the values of nearby data. Our evaluation on a proof-of-concept application shows that, on a representative compressed cache architecture, Safecracker lets an attacker compromise an 8-byte secret key in under 10 ms. Even worse, Safecracker can be combined with latent memory safety vulnerabilities to leak a large fraction of program memory.

中文翻译:

通过压缩缓存泄露秘密

我们提供了缓存压缩的首次安全性分析,这是一种有前途的架构技术,可能会出现在未来的主流处理器中。我们发现缓存压缩具有新的安全隐患,因为缓存行的可压缩性揭示了有关其内容的信息。压缩缓存引入了一个特别隐蔽的新边信道,因为简单地存储数据会传输有关数据的信息。我们提出了两种使压缩缓存攻击变得可行的技术。Pack+Probe 允许攻击者了解受害者缓存行的可压缩性,而 Safecracker 通过战略性地改变附近数据的值来有效地泄露秘密数据。我们对概念验证应用程序的评估表明,在具有代表性的压缩缓存架构上,Safecracker 让攻击者可以在 10 毫秒内破解一个 8 字节的密钥。更糟糕的是,Safecracker 可以结合潜在的内存安全漏洞来泄漏大部分程序内存。
更新日期:2021-05-28
down
wechat
bug