DOI: 10.1145/3548606.3560613
research-article

Microarchitectural Leakage Templates and Their Application to Cache-Based Side Channels

Published: 07 November 2022

Abstract

The complexity of modern processor architectures has given rise to sophisticated interactions among their components. Such interactions may result in potential attack vectors in terms of side channels, possibly available to userland exploits to leak secret data. Exploitation and countering of such side channels require a detailed understanding of the target component. However, such detailed information is commonly unpublished for many CPUs.
In this paper, we introduce the concept of Leakage Templates to abstractly describe specific side channels and identify their occurrences in binary applications. We design and implement Plumber, a framework to derive the generic Leakage Templates from individual code sequences that are known to cause leakage (e.g., found by prior work). Plumber uses a combination of instruction fuzzing, instructions' operand mutation and statistical analysis to explore undocumented behavior of microarchitectural optimizations and derive sufficient conditions on vulnerable code inputs that, if they hold, can trigger a distinguishing behavior. Using Plumber, we identified novel leakage primitives based on Leakage Templates (for ARM Cortex-A53 and -A72 cores), in particular related to previction (a new premature cache eviction) and prefetching behavior. We show the utility of Leakage Templates by re-identifying a prefetcher-based vulnerability in OpenSSL 1.1.0g first reported by Shin et al. [39].

Supplementary Material

MP4 File (CCS22-fpb314.mp4)
Presentation video

References

[1]
Andreas Abel and Jan Reineke. Measurement-based modeling of the cache replacement policy. RTAS '13, page 65--74, USA, 2013. IEEE Computer Society.
[2]
Andreas Abel and Jan Reineke. Reverse engineering of cache replacement policies in intel microprocessors and their evaluation. In 2014 IEEE International Symposium on Performance Analysis of Systems and Software (ISPASS), pages 141--142, 2014.
[3]
Onur Acıiçmez and Çetin Kaya Koç. Trace-driven Cache Attacks on AES (Short Paper). In Proceedings of the 8th International Conference on Information and Communications Security, ICICS, pages 112--121. Springer-Verlag, 2006.
[4]
asmregex. https://github.com/Usibre/asmregex/.
[5]
Sarani Bhattacharya, Chester Rebeiro, and Debdeep Mukhopadhyay. Hardware prefetchers leak: A revisit of SVF for cache-timing attacks. In 45th Annual IEEE/ACM International Symposium on Microarchitecture, MICRO 2012, Workshops Proceedings, Vancouver, BC, Canada, December 1-5, 2012, pages 17--23, 2012.
[6]
Guillem Rueda Cebollero. Learning cache replacement policies using register automata. 2013.
[7]
ARM Cortex-A53 mpcore processor, technical reference manual. https://developer.arm.com/documentation/ddi0500/j/.
[8]
Karine Gandolfi, Christophe Mourtel, and Francis Olivier. Electromagnetic analysis: Concrete results. CHES '01, page 251--261, Berlin, Heidelberg, 2001. Springer-Verlag.
[9]
GDB developers. GDB: The GNU Project Debugger. https://www.gnu.org/software/gdb.
[10]
Ben Gras, Cristiano Giuffrida, Michael Kurth, Herbert Bos, and Kaveh Razavi. Absynthe: Automatic blackbox side-channel synthesis on commodity microarchitectures. In 27th Annual Network and Distributed System Security Symposium, NDSS 2020, San Diego, California, USA, February 23-26, 2020, 2020.
[11]
Daniel Gruss, Clémentine Maurice, Anders Fogh, Moritz Lipp, and Stefan Mangard. Prefetch side-channel attacks: Bypassing smap and kernel aslr. In Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, CCS '16, page 368--379, New York, NY, USA, 2016. Association for Computing Machinery.
[12]
Daniel Gruss, Clémentine Maurice, and Stefan Mangard. Rowhammer.js: A remote software-induced fault attack in javascript. In Detection of Intrusions and Malware, and Vulnerability Assessment - 13th International Conference, DIMVA 2016, San Sebastián, Spain, July 7-8, 2016, Proceedings, pages 300--321, 2016.
[13]
Daniel Gruss, Clémentine Maurice, Klaus Wagner, and Stefan Mangard. Flush+Flush: a fast and stealthy cache attack. In International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, pages 279--299. Springer, 2016.
[14]
Daniel Gruss, Raphael Spreitzer, and Stefan Mangard. Cache template attacks: Automating attacks on inclusive last-level caches. In 24th USENIX Security Symposium (USENIX Security 15), pages 897--912, Washington, D.C., August 2015. USENIX Association.
[15]
R. Guanciale, H. Nemati, C. Baumann, and M. Dam. Cache storage channels: Alias-driven attacks and verified countermeasures. In 2016 IEEE Symposium on Security and Privacy (SP), pages 38--55, 2016.
[16]
Aamer Jaleel, Kevin B. Theobald, Simon C. Steely, and Joel Emer. High performance cache replacement using re-reference interval prediction (rrip). 38(3):60--71, June 2010.
[17]
Paul Kocher, Jann Horn, Anders Fogh, Daniel Genkin, Daniel Gruss, Werner Haas, Mike Hamburg, Moritz Lipp, Stefan Mangard, Thomas Prescher, et al. Spectre attacks: Exploiting speculative execution. In 2019 IEEE Symposium on Security and Privacy (SP), pages 1--19. IEEE, 2019.
[18]
Paul C. Kocher. Timing attacks on implementations of diffie-hellman, rsa, dss, and other systems. In Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology, CRYPTO '96, page 104--113, Berlin, Heidelberg, 1996. Springer-Verlag.
[19]
Paul C. Kocher, Joshua Jaffe, and Benjamin Jun. Differential power analysis. In Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology, CRYPTO '99, page 388--397, Berlin, Heidelberg, 1999. Springer-Verlag.
[20]
Nate Lawson. Side-channel attacks on cryptographic software. IEEE Security & Privacy, 7(6):65--68, 2009.
[21]
Moritz Lipp, Daniel Gruss, Raphael Spreitzer, Clémentine Maurice, and Stefan Mangard. Armageddon: Cache attacks on mobile devices. In 25th USENIX Security Symposium, USENIX Security 16, Austin, TX, USA, August 10-12, 2016, pages 549--564, 2016.
[22]
Moritz Lipp, Michael Schwarz, Daniel Gruss, Thomas Prescher, Werner Haas, Stefan Mangard, Paul Kocher, Daniel Genkin, Yuval Yarom, and Mike Hamburg. Meltdown. arXiv preprint arXiv:1801.01207, 2018.
[23]
Fangfei Liu, Yuval Yarom, Qian Ge, Gernot Heiser, and Ruby B. Lee. Last-Level Cache Side-Channel Attacks are Practical. In S&P, 2015.
[24]
Clémentine Maurice, Christoph Neumann, Olivier Heen, and Aurélien Francillon. C5: Cross-Cores Cache Covert Channel. In DIMVA, 2015.
[25]
Clémentine Maurice, Manuel Weber, Michael Schwarz, Lukas Giner, Daniel Gruss, Carlo Alberto Boano, Stefan Mangard, and Kay Römer. Hello from the Other Side: SSH over Robust Cache Covert Channels in the Cloud. In NDSS, 2017.
[26]
Daniel Moghimi, Moritz Lipp, Berk Sunar, and Michael Schwarz. Medusa: Microarchitectural data leakage via automated attack synthesis. In Srdjan Capkun and Franziska Roesner, editors, 29th USENIX Security Symposium, USENIX Security 2020, August 12-14, 2020, pages 1427--1444. USENIX Association, 2020.
[27]
Hamed Nemati, Pablo Buiras, Andreas Lindner, Roberto Guanciale, and Swen Jacobs. Validation of abstract side-channel models for computer architectures. In Shuvendu K. Lahiri and Chao Wang, editors, Computer Aided Verification, pages 225--248, Cham, 2020. Springer International Publishing.
[28]
Nicholas Nethercote and Julian Seward. Valgrind: A framework for heavyweight dynamic binary instrumentation. SIGPLAN Not., 42(6):89--100, Jun 2007.
[29]
Michael Neve and Jean-Pierre Seifert. Advances on access-driven cache attacks on AES. In Proceedings of the 13th International Conference on Selected Areas in Cryptography, SAC'06, pages 147--162. Springer-Verlag, 2007.
[30]
Shirin Nilizadeh, Yannic Noller, and Corina S. Pasareanu. Diffuzz: Differential fuzzing for side-channel analysis. In Software Engineering 2020, Fachtagung des GI-Fachbereichs Softwaretechnik, 24.-28. Februar 2020, Innsbruck, Austria, pages 125--126, 2020.
[31]
Dag Arne Osvik, Adi Shamir, and Eran Tromer. Cache attacks and countermeasures: The case of AES. In Proceedings of the 2006 The Cryptographers' Track at the RSA Conference on Topics in Cryptology, CT-RSA'06, page 1--20, Berlin, Heidelberg, 2006. Springer-Verlag.
[32]
Emre Özer, Alastair Reid, and Stuart Biles. Low-cost techniques for reducing branch context pollution in a soft realtime embedded multithreaded processor. In 19th Symposium on Computer Architecture and High Performance Computing (SBAC-PAD 2007), 24-27 October 2007, Gramado, RS, Brazil, pages 37--44, 2007.
[33]
Colin Percival. Cache missing for fun and profit. In Proc. of BSDCan 2005, 2005.
[34]
Peter Pessl, Daniel Gruss, Clémentine Maurice, Michael Schwarz, and Stefan Mangard. DRAMA: Exploiting DRAM Addressing for Cross-CPU Attacks. In USENIX Security Symposium, 2016.
[35]
Plumber. https://github.com/scy-phy/plumber/.
[36]
Hany Ragab, Alyssa Milburn, Kaveh Razavi, Herbert Bos, and Cristiano Giuffrida. CrossTalk: Speculative data leaks across cores are real. In S&P, May 2021. Intel Bounty Reward.
[37]
Michael Schwarz, Clémentine Maurice, Daniel Gruss, and Stefan Mangard. Fantastic Timers and Where to Find Them: High-Resolution Microarchitectural Attacks in JavaScript. In FC, 2017.
[38]
Benjamin Semal, Konstantinos Markantonakis, Keith Mayes, and Jan Kalbantner. One covert channel to rule them all: A practical approach to data exfiltration in the cloud. 2020.
[39]
Youngjoo Shin, Hyung Chan Kim, Dokeun Kwon, Ji Hoon Jeong, and Junbeom Hur. Unveiling hardware-based data prefetcher, a hidden source of information leakage. CCS '18, page 131--145, New York, NY, USA, 2018. Association for Computing Machinery.
[40]
Armando Solar-Lezama. The sketching approach to program synthesis. In Zhenjiang Hu, editor, Programming Languages and Systems, pages 4--13, Berlin, Heidelberg, 2009. Springer Berlin Heidelberg.
[41]
M. Caner Tol, Koray Yurtseven, Berk Gülmezoglu, and Berk Sunar. Fastspec: Scalable generation and detection of spectre gadgets using neural embeddings. CoRR, abs/2006.14147, 2020.
[42]
Caroline Trippel, Daniel Lustig, and Margaret Martonosi. Checkmate: Automated synthesis of hardware exploits and security litmus tests. In Proceedings of the 51st Annual IEEE/ACM International Symposium on Microarchitecture, MICRO-51, page 947--960. IEEE Press, 2018.
[43]
Eran Tromer, Dag Arne Osvik, and Adi Shamir. Efficient cache attacks on AES, and countermeasures. J. Cryptol., 23(2):37--71, January 2010.
[44]
Yukiyasu Tsunoo, Teruo Saito, Tomoyasu Suzaki, and Maki Shigeri. Cryptanalysis of DES implemented on computers with cache. In Proceedings of the Workshop on Cryptographic Hardware and Embedded Systems, CHES'03, LNCS, pages 62--76. Springer, 2003.
[45]
Vladimir Uzelac and Aleksandar Milenkovic. Experiment flows and microbenchmarks for reverse engineering of branch predictor structures. In IEEE International Symposium on Performance Analysis of Systems and Software, ISPASS 2009, April 26-28, 2009, Boston, Massachusetts, USA, Proceedings, pages 207--217, 2009.
[46]
Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Giorgi Maisuradze, Kaveh Razavi, Herbert Bos, and Cristiano Giuffrida. RIDL: Rogue in-flight data load. In S&P, May 2019.
[47]
Stephan van Schaik, Marina Minkin, Andrew Kwong, Daniel Genkin, and Yuval Yarom. Cacheout: Leaking data on intel cpus via cache evictions, 2020.
[48]
Jose Rodrigo Sanchez Vicarte, Pradyumna Shome, Nandeeka Nayak, Caroline Trippel, Adam Morrison, David Kohlbrenner, and Christopher W Fletcher. Opening pandora's box: A systematic study of new ways microarchitecture can leak private data. 2021.
[49]
Pepe Vila, Pierre Ganty, Marco Guarnieri, and Boris Köpf. Cachequery: Learning replacement policies from hardware caches. PLDI 2020, page 519--532, New York, NY, USA, 2020. Association for Computing Machinery.
[50]
Daniel Weber, Ahmad Ibrahim, Hamed Nemati, Michael Schwarz, and Christian Rossow. Osiris: Automated discovery of microarchitectural side channels. CoRR, abs/2106.03470, 2021.
[51]
Zhenyu Wu, Zhang Xu, and Haining Wang. Whispers in the Hyper-space: High-speed Covert Channel Attacks in the Cloud. In USENIX Security Symposium, 2012.
[52]
Yuval Yarom and Katrina Falkner. Flush+Reload: a high resolution, low noise, L3 cache side-channel attack. In Proceedings of the 23rd USENIX Conference on Security Symposium, pages 719--732, 2014.
[53]
Yuval Yarom, Daniel Genkin, and Nadia Heninger. Cachebleed: a timing attack on openssl constant-time RSA. J. Cryptogr. Eng., 7(2):99--112, 2017.
[54]
Yinqian Zhang, Ari Juels, Michael K. Reiter, and Thomas Ristenpart. Cross-VM Side Channels and Their Use to Extract Private Keys. In Proceedings of the Conference on Computer and Communications Security, CCS, pages 305--316. ACM, 2012.


    Published In

    CCS '22: Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security
    November 2022
    3598 pages
    ISBN:9781450394505
    DOI:10.1145/3548606

    Publisher

    Association for Computing Machinery

    New York, NY, United States


    Author Tags

    1. leakage templates
    2. microarchitecture
    3. side channel

    Qualifiers

    • Research-article

    Conference

    CCS '22

    Acceptance Rates

    Overall Acceptance Rate 1,261 of 6,999 submissions, 18%


    Cited By

    • (2023) Speculation at fault. Proceedings of the 32nd USENIX Conference on Security Symposium, pages 7143-7160. DOI: 10.5555/3620237.3620637. Online publication date: 9-Aug-2023
    • (2023) FetchBench: Systematic Identification and Characterization of Proprietary Prefetchers. Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security, pages 975-989. DOI: 10.1145/3576915.3623124. Online publication date: 15-Nov-2023
    • (2023) Microarchitectural Side-Channel Threats, Weaknesses and Mitigations: A Systematic Mapping Study. IEEE Access, 11, pages 48945-48976. DOI: 10.1109/ACCESS.2023.3275757. Online publication date: 2023
    • (2023) Exploiting the microarchitectural leakage of prefetching activities for side-channel attacks. Journal of Systems Architecture: the EUROMICRO Journal, 139:C. DOI: 10.1016/j.sysarc.2023.102877. Online publication date: 1-Jun-2023
