Investigating the viability of adaptive caches as a defense mechanism against cache side-channel attacks

Bandara, Sahan Lakshitha

04 June 2019

The ongoing miniaturization of semiconductor manufacturing technologies has enabled the integration of tens to hundreds of processing cores on a single chip. Unlike frequency-scaling where performance is increased equally across the board, core-scaling and hardware thread-scaling harness the additional processing power through the concurrent execution of multiple processes or programs. This approach of mingling or interleaving process executions has engendered a new set of security challenges that risks to undermine nearly three decades’ worth of computer architecture design efforts. The complexity of the runtime interactions and aggressive resource sharing among processes, e.g., caches or interconnect network paths, have created a fertile ground to mount attacks of ever-increasing acuteness against these computer systems. One such class of attacks is cache side-channel attacks. While caches are vital to the performance of current processors, they have also been the target of numerous side-channel attacks. As a result, a few cache architectures have been proposed to defend against these attacks. However, these designs tend to provide security at the expense of performance, area and power. Therefore, the design of secure, high-performance cache architectures is still a pressing research challenge. In this thesis, we examine the viability of self-aware adaptive caches as a defense mechanism against cache side-channel attacks. We define an adaptive cache as a caching structure with (i) run-time reconfiguration capability, and (ii) intelligent built-in logic to monitor itself and determine its parameter settings. Since the success of most cache side-channel attacks depend on the attacker’s knowledge of the key cache parameters such as associativity, set count, replacement policy, among others, an adaptive cache can provide a moving target defense approach against many of these cache side-channel attacks. Therefore, we hypothesize that the runtime changes in certain cache parameters should render some of the side-channel attacks less effective due to their dependence on knowing the exact configuration of the caches. / 2020-06-03T00:00:00Z

Computer engineering

Defense

Reconfigurable caches

Side-channel attacks

Side-Channel-Attack Resistant AES Design Based on Finite Field Construction Variation

Shvartsman, Phillip

29 August 2019

No description available.

Engineering

AES

cryptography

side channel attack

power analysis

finite field

A Model Extraction Attack on Deep Neural Networks Running on GPUs

O'Brien Weiss, Jonah G

09 August 2023

Deep Neural Networks (DNNs) have become ubiquitous due to their performance on prediction and classification problems. However, they face a variety of threats as their usage spreads. Model extraction attacks, which steal DNN models, endanger intellectual property, data privacy, and security. Previous research has shown that system-level side channels can be used to leak the architecture of a victim DNN, exacerbating these risks. We propose a novel DNN architecture extraction attack, called EZClone, which uses aggregate rather than time-series GPU profiles as a side-channel to predict DNN architecture. This approach is not only simpler, but also requires less adversary capability than earlier works. We investigate the effectiveness of EZClone under various scenarios including reduction of attack complexity, against pruned models, and across GPUs with varied resources. We find that EZClone correctly predicts DNN architectures for the entire set of PyTorch vision architectures with 100\% accuracy. No other work has shown this degree of architecture prediction accuracy with the same adversarial constraints or using aggregate side-channel information. Prior work has shown that, once a DNN has been successfully cloned, further attacks such as model evasion or model inversion can be accelerated significantly. Then, we evaluate several mitigation techniques against EZClone, showing that carefully inserted dummy computation reduces the success rate of the attack.

model extraction

adversarial machine learning

machine learning

side-channel attack

Hardware Trojan Detection Using Multiple-Parameter Side-Channel Analysis

Du, Dongdong

23 July 2010

No description available.

Electrical Engineering

Engineering

Hardware Trojan

Side-Channel Analysis

Multiple-Parameter.

Design of DPA-Resistant Integrated Circuits

Gohil, Nikhil N.

January 2017

No description available.

Engineering

Hardware Security

SDMLp

DPA

Side Channel Attacks

Side Channel Analysis Research Framework (SCARF)

Mefford, Greg

11 October 2012

No description available.

Computer Engineering

cryptography

side-channel

power-analysis

security

software

research

Understanding and Exploiting Design Flaws of AMD Secure Encrypted Virtualization

Li, Mengyuan

29 September 2022

No description available.

Computer Science

Dataset for Machine Learning Based Cache Timing Attacks and Mitigation

Kalidasan, Vishnu Kumar

05 June 2024

Cache side-channel attacks have evolved alongside increasingly complex microprocessor architectural designs. The attacks and their prevention mechanisms, such as cache partitioning, OS kernel isolation, and various hardware/operating system enhancements, have similarly progressed. Nonetheless, side-channel attacks necessitate effective and efficient prevention mechanisms or alterations to hardware architecture. Recently, machine learning (ML) is an emerging method for detecting and defending such attacks. However, The effectiveness of machine learning relies on the dataset it is trained on. The datasets for training these ML models today are not vast enough to enhance the robustness and consistency of the model performance. This thesis aims to enhance the ML method for exploring various cache side-channel attacks and defenses by offering a more reasonable and potentially realistic dataset to distinguish between the attacker and the victim process. The dataset is gathered through a computer system simulation model, which is subsequently utilized to train both the attacker and detector agents of the model. Different ways to collect datasets using the system simulation are explored. A New Dataset for training and detecting cache side-channel attacks is also explored and methodized. Lastly, the effectiveness of the dataset is studied by training a Flush+Reload attacker and detector model performance. / Master of Science / Imagine a spy trying to steal secret information from a computer by listening to its clicks and whirs. That's kind of what a side-channel attack is. The computer uses a special memory called a cache to speed things up, but attackers can spy on this cache to learn bits and pieces of what the computer is working on. Numerous ways to mitigate such attacks have been proposed, but they were either costly to implement in terms of resources or the performance offset of the computer is large. New types of attacks are also being researched and discovered. More recently, Machine learning (ML) models are used for detecting or defending cache side-channel attacks. Currently the training ground truth or the input dataset for the ML models is not vast enough to enhance the robustness and consistency of the model performance. This thesis project aims to enhance the ML approach for exploring and detecting existing and unknown Cache side-channel attacks by offering a more reasonable and potentially realistic training ground (dataset). The dataset is gathered through a computer system simulation model, which is subsequently utilized to train the ML models. Different ways to collect datasets using the computer system simulation are explored. A New Dataset for training and detecting Cache side-channel attacks is also explored and methodised. Lastly, the effectiveness of the dataset is studied by training a Flush+Reload attacker performance.

Cache timing-attack

Cache side-channel

gem5

Autocat

Macta

The Art of SRAM Security: Tactics for Remanence-based Attack and Strategies for Defense

Mahmod, Jubayer

02 May 2024

The importance of securing hardware, particularly in the context of the Internet of Things (IoT), cannot be overstated in light of the increasing prevalence of low-level attacks. As the IoT industry continues to expand, security has become a more holistic concern, as evidenced by the wide range of attacks that we observed, from large-scale distributed denial-of-service attacks to data theft through monitoring a device's low-level behavior, such as power consumption. Traditional software-based security measures fall short in defending against the full spectrum of attacks, particularly those involving physical tampering with system hardware. This underscores the critical importance of proactively integrating attack vectors that encompass both hardware and software domains, with a particular emphasis on considering both the analog and digital characteristics of hardware. This thesis investigates system security from a hardware perspective, specifically examining how low-level circuit behavior and architectural design choices impact SRAM's data remanence and its implications for security. This dissertation not only identifies new vulnerabilities due to SRAM data remanence but also paves the way for novel security solutions in the ongoing "security arms race". I present an attack, volt boot, that executes cold-boot style short-term data remanence in on-chip SRAM without using temperature effect. This attack exploits the fact that SRAM's power bus is externally accessible and allows data retention using a simple voltage probe. Next, I present a steganography method that hides information in the SRAM exploiting long-term data remanence. This approach leverages aging-induced degradation to imprint data in SRAM's analog domain, ultimately resulting in hidden and plausibly deniable information storage in the hardware. Finally, I show how an adversary weaponizes SRAM data remanence to develop an attack on a hardware-backed security isolation mechanism. The following provides a brief overview of the three major contributions of this thesis: 1. Volt boot is an attack that demonstrates the vulnerability of on-chip SRAM due to the physical separation common in modern SoCs' power distribution networks. By probing external power pins (to the cache) of an SoC while simultaneously shutting down the main system power, Volt boot creates data retention across power cycles. On-chip SRAM can be a safe memory when the threat model considers traditional off-chip cold-boot-style attacks. This research demonstrates an alternative method for preserving information in on-chip SRAM through power cycles, expanding our understanding of data retention capabilities. Volt boot leverages asymmetrical power states (e.g., on vs. off) to force SRAM state retention across power cycles, eliminating the need for traditional cold boot attack enablers, such as low-temperature or intrinsic data retention time. 2. Invisible Bits is a hardware steganography technique that hides secret messages in the analog domain of SRAM embedded within a computing device. Exploiting accelerated transistor aging, Invisible Bits stores hidden data along with system data in an on-chip cache and provides a plausible deniability guarantee from statistical analysis. Aging changes the transistor's behavior which I exploit to store data permanently (ie long-term data remanence) in an SRAM. Invisible Bits presents unique opportunities for safeguarding electronic devices when subjected to inspections by authorities. 3. UntrustZone utilizes long-term data remanence to exfiltrate secrets from on-chip SRAM. An attacker application must be able to read retained states in the SRAM upon power cycles, but this needs changing the security privilege. Hardware security schemes, such as ARM TrustZone, erase a memory block before changing its security attributes and releasing it to other applications, making short-term data remanence attacks ineffective. That is, attacks such as Volt boot fail when hardware-backed isolation such as TEE is enforced. UntrustZone unveils a new threat to all forms of on-chip SRAM even when backed by hardware isolation: long-term data remanence. I show how an attacker systematically accelerates data imprinting on SRAM's analog domain to effectively burn in on-chip secrets and bypass TrustZone isolation. / Doctor of Philosophy / In computing systems, hardware serves as the fundamental bulwark against security breaches. The evolution in software security has compelled adversaries to seek potential vulnerabilities in the hardware.The infamous cold boot attack exemplifies such vulnerabilities, showcasing how adversaries exploit hardware to access runtime secrets, even when cryptographic algorithms protect the system's disk. In this attack, volatile main memory (DRAM) is `frozen' at extremely cold temperatures, allowing it to retain information even when disconnected from the victim machine. Subsequently, an adversary transfers this `frozen memory' to another machine to extract the victim's secrets. This classic case is among numerous sophisticated hardware vulnerabilities identified in recent years, highlighting the evolving challenge of securing hardware against ingenious attacks. This rise in hardware-based attacks across industry and academia underscores the importance of adopting a comprehensive approach to safeguard computing systems. This approach must encompass secure processor design, ensuring a trusted distribution chain, rigorous software security vetting, and protection against runtime side-channel leakage. Consequently, there is a growing emphasis in both industry and academia on prioritizing security in design decisions. My dissertation delves into the low-level hardware behaviors, particularly focusing on the data remanence phenomena of Static Random Access Memory (SRAM). By discovering new security vulnerabilities and proposing effective mitigation strategies, this thesis contributes to the ongoing effort to fortify computing systems against evolving threats that are rooted in the hardware. SRAM stands as a ubiquitous form of volatile memory found in most processors and microcontrollers, serving as a crucial component for temporary storage of instructions and data to facilitate rapid access. By design, SRAM forgets its contents upon a processor's power cycle and defaults to a state determined by low-level circuit behavior. However, this dissertation unveils the possibility of retaining on-chip information even after power cycling, leveraging inherent low-level circuit behaviors to create data retention. This revelation exposes major security implications, resulting in the following three key contributions: Firstly, I introduce the volt boot attack, which exploits the vulnerability of on-chip SRAM, particularly to physical separation in modern System on Chip (SoC) power distribution networks. We conventionally assume that on-chip SRAM is secure against off-chip cold-boot attacks, but volt boot demonstrates the feasibility of achieving a similar state without traditional prerequisites such as low temperatures or long intrinsic data retention times. Subsequently, I propose a data hiding technique---invisible Bits, which leverages accelerated device wear out to embed data into the transistors of SRAM. This method introduces a novel form of hardware-based steganography, concealing data within the analog domain alongside digital system data. Lastly, I show how accelerated device aging can be weaponized to design a sophisticated attack aimed at extracting secrets from a Trusted Execution Environment (TEE) like ARM TrustZone. While short-term data remanence attacks such as Volt boot are rendered ineffective against hardware-backed isolation enforced by TEEs, UntrustZone harnesses the methodologies and tools from preceding works to induce long-term data remanence. This poses a new threat to on-chip cryptography that stores secrets on chip, even when fortified by hardware isolation mechanisms, such as ARM TrustZone.

On-chip SRAM attacks

aging side channel

data remanence

Advances in the Side-Channel Analysis of Symmetric Cryptography

Taha, Mostafa Mohamed Ibrahim

10 June 2014

Side-Channel Analysis (SCA) is an implementation attack where an adversary exploits unintentional outputs of a cryptographic module to reveal secret information. Unintentional outputs, also called side-channel outputs, include power consumption, electromagnetic radiation, execution time, photonic emissions, acoustic waves and many more. The real threat of SCA lies in the ability to mount attacks over small parts of the key and to aggregate information over many different traces. The cryptographic community acknowledges that SCA can break any security module if the adequate protection is not implemented. In this dissertation, we propose several advances in side-channel attacks and countermeasures. We focus on symmetric cryptographic primitives, namely: block-ciphers and hashing functions. In the first part, we focus on improving side-channel attacks. First, we propose a new method to profile highly parallel cryptographic modules. Profiling, in the context of SCA, characterizes the power consumption of a fully-controlled module to extract power signatures. Then, the power signatures are used to attack a similar module. Parallel designs show excessive algorithmic-noise in the power trace. Hence, we propose a novel attack that takes design parallelism into consideration, which results in a more powerful attack. Also, we propose the first comprehensive SCA of the new secure hashing function mbox{SHA-3}. Although the main application of mbox{SHA-3} is hashing, there are other keyed applications including Message Authentication Codes (MACs), where protection against SCA is required. We study the SCA properties of all the operations involved in mbox{SHA-3}. We also study the effect of changing the key-length on the difficulty of mounting attacks. Indeed, changing the key-length changes the attack methodology. Hence, we propose complete attacks against five different case studies, and propose a systematic algorithm to choose an attack methodology based on the key-length. In the second part, we propose different techniques for protection against SCA. Indeed, the threat of SCA can be mitigated if the secret key changes before every execution. Although many contributions, in the domain of leakage resilient cryptography, tried to achieve this goal, the proposed solutions were inefficient and required very high implementation cost. Hence, we highlight a generic framework for efficient leakage resiliency through lightweight key-updating. Then, we propose two complete solutions for protecting AES modes of operation. One uses a dedicated circuit for key-updating, while the other uses the underlying AES block cipher itself. The first one requires small area (for the additional circuit) but achieves negligible performance overhead. The second one has no area overhead but requires small performance overhead. Also, we address the problem of executing all the applications of hashing functions, e.g. the unkeyed application of regular hashing and the keyed application of generating MACs, on the same core. We observe that, running unkeyed application on an SCA-protected core will involve a huge loss of performance (3x to 4x). Hence, we propose a novel SCA-protected core for hashing. Our core has no overhead in unkeyed applications, and negligible overhead in keyed ones. Our research provides a better understanding of side-channel analysis and supports the cryptographic community with lightweight and efficient countermeasures. / Ph. D.

Side-Channel Analysis

Practical Leakage Resiliency

AES

SHA-3