A High-Resolution Side-Channel Attack on Last-Level CacheMehmet Kayaalp, IBM Res

A High-Resolution Side-Channel Attack on Last-Level CacheMehmet Kayaalp, IBM Res www.phwiki.com

A High-Resolution Side-Channel Attack on Last-Level CacheMehmet Kayaalp, IBM Res

Foster, Roland, News Director has reference to this Academic Journal, PHwiki organized this Journal A High-Resolution Side-Channel Attack on Last-Level CacheMehmet Kayaalp, IBM ResearchNael Abu-Ghazaleh, University of Cali as long as nia RiversideDmitry Ponomarev, State University of New York at BinghamtonAamer Jaleel, Nvidia ResearchThe 53rd Design Automation Conference (DAC), Austin, TX, June 8, 2016Cache Side-Channel2f2 85 5c 066a 91 4e 0cc4 fc da a8d5 37 e9 9c28 1e 4c 2409 bf 15 8230 6f 53 d9a4 49 2d 0eS-BoxSubBytesSet-associative cachewayssetsFlush+Reload Attack3CacheL2L1-IVictim1- Flush each line in the critical data2- Victim accesses critical data3- Reload critical data (measure time)EvictedTimeCPU1wayssetsL1-DL2L1-IAttackerL1-DShared L3CPU2

Hartford College for Women US www.phwiki.com

This Particular University is Related to this Particular Journal

Prime+Probe: L1 Attack4L1 CachewayssetsL2L1-IL1-DAttackerVictim2-way SMT core1- Prime each cache set2- Victim accesses critical data3- Probe each cache set (measure time)EvictedTimePrime+Probe: LLC Attack5L2L1-IVictim2- Victim accesses critical dataCPU1L1-DL2L1-IAttackerL1-DShared L3CPU21- Prime each cache set3- Probe each cache set (measure time)InclusiveEvict critical dataBack-invalidationsChallenges:Find collision groups as long as each cache setDiscover hardware detailsIdentify a minimal set of addresses per cache setFind which are the critical cache setsFind which cache sets incur the most slowdown as long as the victimAmong those, look as long as the expected access patternDiscovering LLC Details6Intel S in addition to y Bridge die4x Cores4x 2MBLLC Banksvirtual page numberpage offsetVirtual Address01263tagset indexL1 Access01263line offsetphysical page numberpage offsetPhysical Address01235tagLLC Access17356set index0line offset6Hashbank select

Bank Selection in addition to Cavity Sets7tag1735set index0line offset6XORH0H1:<00><11><01><10>Number of ways:15161616cavitysets8Finding Collision GroupsMemory Pagesame set indexN = (8 MB / 4 KB / 16) = 128 = { } Add page to Measure t = t( ) – t( – ) If t is high For each i Measure ti = t( ) – t( – i ) Add i to the new group if ti is high Remove the group from Repeat until N groups are found9Finding Critical Sets

10Attack on Instructions as long as round = 1:9 if round is even / even rounds / else / odd rounds // last round /setstime11Attack on Critical Table12Attack AnalysisTrue Positive Rate true critical accesses observed all critical accesses of the victimFalse Discovery Rate (FDR) false critical accesses observed all measurements of the attackerCache Side-Channel Vulnerability (CSV)CSV = Pearson-correlation (Attacker trace, Victim trace)TPR =FDR =

13Comparison to Flush+Reload14SummaryA new high-resolution Prime+Probe LLC attack is proposed It does not rely on large pages or the sharing of cryptographic data between the victim in addition to the attackerMechanisms to discover precise groups of addresses that map into the same LLC set in the presence of:Physical indexingIndex hashingVarying cache associativity across the LLC setsConcurrent attack on the instruction in addition to data tp improve the signal in addition to reduce the noiseNot limited to AES in addition to can be applied to attacking any ciphers that rely on pre-computed cryptographic tables (e.g. Blowfish, Twofish)

Foster, Roland KIKO-FM News Director www.phwiki.com

Foster, Roland News Director

Foster, Roland is from United States and they belong to KIKO-FM and they are from  Miami, United States got related to this Particular Journal. and Foster, Roland deal with the subjects like Local News; Regional News

Journal Ratings by Hartford College for Women

This Particular Journal got reviewed and rated by Hartford College for Women and short form of this particular Institution is US and gave this Journal an Excellent Rating.