TY - JOUR
T1 - Leaking Secrets through Compressed Caches
AU - Tsai, Po An
AU - Sanchez, Andres
AU - Fletcher, Christopher W.
AU - Sanchez, Daniel
N1 - Funding Information:
We would like to thank Maleen Abeydeera, Joel Emer, Mark Jeffrey, Anurag Mukkara, Quan Nguyen, Victor Ying, Guowei Zhang, and the ASPLOS’20 reviewers for their feedback. We would also like to thank Joel Emer for his insights on the taxonomy, and Paul Kocher for sharing his concerns about the security of memory compression. This work was supported in part by the National Science Foundation under Grant CAREER-1452994 and Grant SaTC-1816226, in part by the Google faculty research award, and in part by an Intel ISRA grant. The work of Andres Sanchez was supported through a MISTI grant by the Technical University of Madrid.
Publisher Copyright:
© 1981-2012 IEEE.
PY - 2021/5/1
Y1 - 2021/5/1
N2 - We offer the first security analysis of cache compression, a promising architectural technique that is likely to appear in future mainstream processors. We find that cache compression has novel security implications because the compressibility of a cache line reveals information about its contents. Compressed caches introduce a new side channel that is especially insidious, as simply storing data transmits information about the data. We present two techniques that make attacks on compressed caches practical. Pack+Probe allows an attacker to learn the compressibility of victim cache lines, and Safecracker leaks secret data efficiently by strategically changing the values of nearby data. Our evaluation on a proof-of-concept application shows that, on a representative compressed cache architecture, Safecracker lets an attacker compromise an 8-byte secret key in under 10 ms. Even worse, Safecracker can be combined with latent memory safety vulnerabilities to leak a large fraction of program memory.
AB - We offer the first security analysis of cache compression, a promising architectural technique that is likely to appear in future mainstream processors. We find that cache compression has novel security implications because the compressibility of a cache line reveals information about its contents. Compressed caches introduce a new side channel that is especially insidious, as simply storing data transmits information about the data. We present two techniques that make attacks on compressed caches practical. Pack+Probe allows an attacker to learn the compressibility of victim cache lines, and Safecracker leaks secret data efficiently by strategically changing the values of nearby data. Our evaluation on a proof-of-concept application shows that, on a representative compressed cache architecture, Safecracker lets an attacker compromise an 8-byte secret key in under 10 ms. Even worse, Safecracker can be combined with latent memory safety vulnerabilities to leak a large fraction of program memory.
UR - http://www.scopus.com/inward/record.url?scp=85103269647&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85103269647&partnerID=8YFLogxK
U2 - 10.1109/MM.2021.3069158
DO - 10.1109/MM.2021.3069158
M3 - Article
AN - SCOPUS:85103269647
SN - 0272-1732
VL - 41
SP - 27
EP - 33
JO - IEEE Micro
JF - IEEE Micro
IS - 3
M1 - 9387557
ER -