Authenticache: Harnessing Cache ECC for System Authentication Anys - - PowerPoint PPT Presentation

Authenticache: Harnessing Cache ECC for System Authentication

Anys Bacha and Radu Teodorescu Department of Computer Science and Engineering The Ohio State University http://arch.cse.ohio-state.edu

Anys Bacha

Security and Everyday Computing

Authenticache: Harnessing Cache ECC for System Authentication 2

Security is now crucial to all computing markets, especially with the advent of IoT

Anys Bacha

Security Challenges

Authenticache: Harnessing Cache ECC for System Authentication 3

Anys Bacha

Security Challenges

Authenticache: Harnessing Cache ECC for System Authentication 3

• Password management
• Complexity due to different accounts having policies

Anys Bacha

Security Challenges

Authenticache: Harnessing Cache ECC for System Authentication 3

• Password management
• Complexity due to different accounts having policies
• Secure key storage
• Increases complexity for low cost IoT devices

Anys Bacha

Security Challenges

Authenticache: Harnessing Cache ECC for System Authentication 3

• Password management
• Complexity due to different accounts having policies
• Software as a Service
• Personal device at workplace increasing security risks
• Secure key storage
• Increases complexity for low cost IoT devices

Anys Bacha

Physical Unclonable Functions (PUF)

Authenticache: Harnessing Cache ECC for System Authentication 4

Anys Bacha

Physical Unclonable Functions (PUF)

Authenticache: Harnessing Cache ECC for System Authentication 5

Chip

Anys Bacha

Physical Unclonable Functions (PUF)

Authenticache: Harnessing Cache ECC for System Authentication 5 Slow transistors Fast transistors

Chip

• Exploit randomness in silicon

Anys Bacha

Physical Unclonable Functions (PUF)

Authenticache: Harnessing Cache ECC for System Authentication 6

Chip Silicon Fingerprints

• Systematic outputs unique to device
• Exploit randomness in silicon

Anys Bacha

PUF System Authentication

Authenticache: Harnessing Cache ECC for System Authentication 7

Anys Bacha

PUF System Authentication

Authenticache: Harnessing Cache ECC for System Authentication 8

Enrollment

Silicon Fingerprints

Anys Bacha

PUF System Authentication

Authenticache: Harnessing Cache ECC for System Authentication 8

…

00010

Enrollment

Silicon Fingerprints

Anys Bacha

PUF System Authentication

Authenticache: Harnessing Cache ECC for System Authentication 8

…

00010 11001 …

Enrollment

Silicon Fingerprints

Anys Bacha

PUF System Authentication

Authenticache: Harnessing Cache ECC for System Authentication 9

… …

Enrollment

Challenge

01100 00110

Response

… …

00010 11001 Silicon Fingerprints

Anys Bacha

PUF System Authentication

Authenticache: Harnessing Cache ECC for System Authentication 10

… …

Enrollment

Challenge

01100 00110

Response

… …

00010 11001

Authentication

Challenge

01100 00110

Response

… …

00010 11001

Anys Bacha

PUF System Authentication

Authenticache: Harnessing Cache ECC for System Authentication 10

… …

Enrollment

Challenge

01100 00110

Response

… …

00010 11001

Authentication

Challenge

01100 00110

Response

… …

00010 11001

• Auth. Request

Anys Bacha

PUF System Authentication

Authenticache: Harnessing Cache ECC for System Authentication 11

… …

Enrollment

Challenge

01100 00110

Response

… …

00010 11001

Authentication

Challenge

01100 00110

Response

… …

00010 11001

…

01100

Anys Bacha

PUF System Authentication

Authenticache: Harnessing Cache ECC for System Authentication 11

… …

Enrollment

Challenge

01100 00110

Response

… …

00010 11001

Authentication

Challenge

01100 00110

Response

… …

00010 11001

…

01100 00110 …

Anys Bacha

PUF System Authentication

Authenticache: Harnessing Cache ECC for System Authentication 11

… …

Enrollment

Challenge

01100 00110

Response

… …

00010 11001

Authentication

Challenge

01100 00110

Response

… …

00010 11001

…

01100 00110 …

Anys Bacha

Related Work

Authenticache: Harnessing Cache ECC for System Authentication 12

Anys Bacha

Related Work

Authenticache: Harnessing Cache ECC for System Authentication 12

Aribiter PUF

• Arbiter PUF (Lee et al. VLSI’04)
• Signal traversing maze of cascaded switch

blocks

Anys Bacha

Related Work

Authenticache: Harnessing Cache ECC for System Authentication 12

Aribiter PUF

• Arbiter PUF (Lee et al. VLSI’04)
• Signal traversing maze of cascaded switch

blocks

Ring Oscillator PUF

• Ring Oscillator PUF (Suh et al. DAC’07)
• Delay loops feeding oscillations into counters

Anys Bacha

Related Work

Authenticache: Harnessing Cache ECC for System Authentication 12

Aribiter PUF

• Arbiter PUF (Lee et al. VLSI’04)
• Signal traversing maze of cascaded switch

blocks

SRAM PUF

• SRAM PUF (Guajardo et al. CHES’07)
• Power-on states of 6T SRAM cell

Ring Oscillator PUF

• Ring Oscillator PUF (Suh et al. DAC’07)
• Delay loops feeding oscillations into counters

Anys Bacha

Related Work

Authenticache: Harnessing Cache ECC for System Authentication 12

Aribiter PUF

• Arbiter PUF (Lee et al. VLSI’04)
• Signal traversing maze of cascaded switch

blocks

SRAM PUF

• SRAM PUF (Guajardo et al. CHES’07)
• Power-on states of 6T SRAM cell

Ring Oscillator PUF

• Ring Oscillator PUF (Suh et al. DAC’07)
• Delay loops feeding oscillations into counters

Authenticache: No custom hardware On-chip error correction logic in processor caches

Anys Bacha

Cache Errors as Silicon Fingerprints

Authenticache: Harnessing Cache ECC for System Authentication 13

Anys Bacha

Cache Errors as Silicon Fingerprints

Authenticache: Harnessing Cache ECC for System Authentication 14

• Caches optimized for density

Anys Bacha

Cache Errors as Silicon Fingerprints

Authenticache: Harnessing Cache ECC for System Authentication 14

• Caches optimized for density
• Sensitive to process variation

Anys Bacha

Cache Errors as Silicon Fingerprints

Authenticache: Harnessing Cache ECC for System Authentication 14

• Caches optimized for density
• Sensitive to process variation
• Itanium processor 8 L2 caches

Intel 9560 Processor

Anys Bacha

Cache Errors as Silicon Fingerprints

Authenticache: Harnessing Cache ECC for System Authentication 15

20 40 60 80 100 120

• 10
• 20
• 30
• 40
• 50
• 60

Relative Correctable Error Range (mV) Cache Lines

• Caches optimized for density
• Sensitive to process variation
• Itanium processor 8 L2 caches

Intel 9560 Processor

Anys Bacha

Cache Errors as Silicon Fingerprints

Authenticache: Harnessing Cache ECC for System Authentication 15

20 40 60 80 100 120

• 10
• 20
• 30
• 40
• 50
• 60

Relative Correctable Error Range (mV) Cache Lines

• Caches optimized for density
• Sensitive to process variation
• Itanium processor 8 L2 caches

Intel 9560 Processor

Anys Bacha

Cache Errors as Silicon Fingerprints

Authenticache: Harnessing Cache ECC for System Authentication 15

20 40 60 80 100 120

• 10
• 20
• 30
• 40
• 50
• 60

Relative Correctable Error Range (mV) Cache Lines

• Caches optimized for density
• Sensitive to process variation
• Itanium processor 8 L2 caches

Intel 9560 Processor

Anys Bacha

Cache Errors as Silicon Fingerprints

Authenticache: Harnessing Cache ECC for System Authentication 15

20 40 60 80 100 120

• 10
• 20
• 30
• 40
• 50
• 60

Relative Correctable Error Range (mV) Cache Lines

Repeatable

• Caches optimized for density
• Sensitive to process variation
• Itanium processor 8 L2 caches

Intel 9560 Processor

Anys Bacha

Cache Errors as Silicon Fingerprints

Authenticache: Harnessing Cache ECC for System Authentication 15

20 40 60 80 100 120

• 10
• 20
• 30
• 40
• 50
• 60

Relative Correctable Error Range (mV) Cache Lines

Repeatable

L2 L2 L2 L2 L2 L2 L2 L2

• Caches optimized for density
• Sensitive to process variation
• Itanium processor 8 L2 caches

Intel 9560 Processor

Anys Bacha

Cache Errors as Silicon Fingerprints

Authenticache: Harnessing Cache ECC for System Authentication 16

20 40 60 80 100 120

• 10
• 20
• 30
• 40
• 50
• 60

Relative Correctable Error Range (mV) Cache Lines Error Count Cache Line Address

1 2 3 4 5

Repeatable

L2 L2 L2 L2 L2 L2 L2 L2

• Caches optimized for density
• Sensitive to process variation
• Itanium processor 8 L2 caches

Intel 9560 Processor

Anys Bacha

Cache Errors as Silicon Fingerprints

Authenticache: Harnessing Cache ECC for System Authentication 16

20 40 60 80 100 120

• 10
• 20
• 30
• 40
• 50
• 60

Relative Correctable Error Range (mV) Cache Lines Error Count Cache Line Address

1 2 3 4 5

Repeatable

• Caches optimized for density
• Sensitive to process variation
• Itanium processor 8 L2 caches

Intel 9560 Processor

Anys Bacha

1 2 3 4 5

Cache Errors as Silicon Fingerprints

Authenticache: Harnessing Cache ECC for System Authentication 17

20 40 60 80 100 120

• 10
• 20
• 30
• 40
• 50
• 60

Relative Correctable Error Range (mV) Cache Lines Error Count Cache Line Address

<1 overlap/cache Repeatable

• Caches optimized for density
• Sensitive to process variation
• Itanium processor 8 L2 caches

Intel 9560 Processor

Anys Bacha

1 2 3 4 5

Cache Errors as Silicon Fingerprints

Authenticache: Harnessing Cache ECC for System Authentication 17

20 40 60 80 100 120

• 10
• 20
• 30
• 40
• 50
• 60

Relative Correctable Error Range (mV) Cache Lines Error Count Cache Line Address

<1 overlap/cache Unique Repeatable

• Caches optimized for density
• Sensitive to process variation
• Itanium processor 8 L2 caches

Intel 9560 Processor

Anys Bacha

The Authenticache System

Authenticache: Harnessing Cache ECC for System Authentication 18

Anys Bacha

The Authenticache System

Authenticache: Harnessing Cache ECC for System Authentication 18

way 0 way 1 way n set 0 way 0 way 1 way n set j … … … way 0 way 1 way n set 1 way 0 way 1 way n set j+1 … … … way 0 way 1 way n set k way 0 way 1 way n set m … … …

Cache Layout

• Exploit process variation in

LLC for randomness

Anys Bacha

The Authenticache System

Authenticache: Harnessing Cache ECC for System Authentication 18

way 0 way 1 way n set 0 way 0 way 1 way n set j … … … way 0 way 1 way n set 1 way 0 way 1 way n set j+1 … … … way 0 way 1 way n set k way 0 way 1 way n set m … … …

Cache Layout Error Map x y

1 1 1 1 1 1 1

Vi

• Exploit process variation in

LLC for randomness

• Construct cache maps as a

function of voltage and correctable errors

Anys Bacha

The Authenticache System

Authenticache: Harnessing Cache ECC for System Authentication 19

way 0 way 1 way n set 0 way 0 way 1 way n set j … … … way 0 way 1 way n set 1 way 0 way 1 way n set j+1 … … … way 0 way 1 way n set k way 0 way 1 way n set m … … …

Cache Layout Error Map x y

1 1 1 1 1 1 1

Vi

• Exploit process variation in

LLC for randomness

• Construct cache maps as a

function of voltage and correctable errors

1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1

z

Vj Vk

Anys Bacha

Challenge and Response

Authenticache: Harnessing Cache ECC for System Authentication 20

e e e e e e

Error Map

Anys Bacha

Challenge and Response

Authenticache: Harnessing Cache ECC for System Authentication 20

𝐷ℎ𝑏𝑚𝑚𝑓𝑜𝑕𝑓 = 𝑦1, 𝑧1, 𝑊

1 , (𝑦2, 𝑧2, 𝑊 2)

e e e e e e

A B Error Map

Anys Bacha

Challenge and Response

Authenticache: Harnessing Cache ECC for System Authentication 20

𝐷ℎ𝑏𝑚𝑚𝑓𝑜𝑕𝑓 = 𝑦1, 𝑧1, 𝑊

1 , (𝑦2, 𝑧2, 𝑊 2)

B e e e e e e (x2,y2) A (x1,y1)

A B Error Map

Anys Bacha

Challenge and Response

Authenticache: Harnessing Cache ECC for System Authentication 20

𝐷ℎ𝑏𝑚𝑚𝑓𝑜𝑕𝑓 = 𝑦1, 𝑧1, 𝑊

1 , (𝑦2, 𝑧2, 𝑊 2)

B e e e e e e (x2,y2) A (x1,y1)

A B Error Map V1 = V2

Anys Bacha

Challenge and Response

Authenticache: Harnessing Cache ECC for System Authentication 21

𝐷ℎ𝑏𝑚𝑚𝑓𝑜𝑕𝑓 = 𝑦1, 𝑧1, 𝑊

1 , (𝑦2, 𝑧2, 𝑊 2)

B e e e e e e (x2,y2) A (x1,y1)

A B 𝑆𝑓𝑡𝑞𝑝𝑜𝑡𝑓 = 0, 𝑒𝑗𝑡𝑢(𝐵, 𝑓𝑏) < 𝑒𝑗𝑡𝑢(𝐶, 𝑓𝑐) 1, 𝑒𝑗𝑡𝑢(𝐵, 𝑓𝑏) ≥ 𝑒𝑗𝑡𝑢(𝐶, 𝑓𝑐)

Manhattan Distance

Error Map V1 = V2

Anys Bacha

Challenge and Response

Authenticache: Harnessing Cache ECC for System Authentication 21

𝐷ℎ𝑏𝑚𝑚𝑓𝑜𝑕𝑓 = 𝑦1, 𝑧1, 𝑊

1 , (𝑦2, 𝑧2, 𝑊 2)

B e e e e e e (x2,y2) A (x1,y1)

A B 𝑆𝑓𝑡𝑞𝑝𝑜𝑡𝑓 = 0, 𝑒𝑗𝑡𝑢(𝐵, 𝑓𝑏) < 𝑒𝑗𝑡𝑢(𝐶, 𝑓𝑐) 1, 𝑒𝑗𝑡𝑢(𝐵, 𝑓𝑏) ≥ 𝑒𝑗𝑡𝑢(𝐶, 𝑓𝑐)

Manhattan Distance

Error Map V1 = V2

dist(A,e)=5

Anys Bacha

Challenge and Response

Authenticache: Harnessing Cache ECC for System Authentication 21

𝐷ℎ𝑏𝑚𝑚𝑓𝑜𝑕𝑓 = 𝑦1, 𝑧1, 𝑊

1 , (𝑦2, 𝑧2, 𝑊 2)

B e e e e e e (x2,y2) A (x1,y1)

A B 𝑆𝑓𝑡𝑞𝑝𝑜𝑡𝑓 = 0, 𝑒𝑗𝑡𝑢(𝐵, 𝑓𝑏) < 𝑒𝑗𝑡𝑢(𝐶, 𝑓𝑐) 1, 𝑒𝑗𝑡𝑢(𝐵, 𝑓𝑏) ≥ 𝑒𝑗𝑡𝑢(𝐶, 𝑓𝑐)

dist(B,e)=4

Manhattan Distance

Error Map V1 = V2

dist(A,e)=5

Anys Bacha

Challenge and Response

Authenticache: Harnessing Cache ECC for System Authentication 21

𝐷ℎ𝑏𝑚𝑚𝑓𝑜𝑕𝑓 = 𝑦1, 𝑧1, 𝑊

1 , (𝑦2, 𝑧2, 𝑊 2)

B e e e e e e (x2,y2) A (x1,y1)

A B 𝑆𝑓𝑡𝑞𝑝𝑜𝑡𝑓 = 0, 𝑒𝑗𝑡𝑢(𝐵, 𝑓𝑏) < 𝑒𝑗𝑡𝑢(𝐶, 𝑓𝑐) 1, 𝑒𝑗𝑡𝑢(𝐵, 𝑓𝑏) ≥ 𝑒𝑗𝑡𝑢(𝐶, 𝑓𝑐)

dist(B,e)=4

5 > 4

Manhattan Distance

Error Map V1 = V2

dist(A,e)=5

Anys Bacha

Challenge and Response

Authenticache: Harnessing Cache ECC for System Authentication 21

𝐷ℎ𝑏𝑚𝑚𝑓𝑜𝑕𝑓 = 𝑦1, 𝑧1, 𝑊

1 , (𝑦2, 𝑧2, 𝑊 2)

B e e e e e e (x2,y2) A (x1,y1)

A B 𝑆𝑓𝑡𝑞𝑝𝑜𝑡𝑓 = 0, 𝑒𝑗𝑡𝑢(𝐵, 𝑓𝑏) < 𝑒𝑗𝑡𝑢(𝐶, 𝑓𝑐) 1, 𝑒𝑗𝑡𝑢(𝐵, 𝑓𝑏) ≥ 𝑒𝑗𝑡𝑢(𝐶, 𝑓𝑐)

dist(B,e)=4

5 > 4

Manhattan Distance

Error Map V1 = V2

1

dist(A,e)=5

Anys Bacha

Experimental Framework

Authenticache: Harnessing Cache ECC for System Authentication 22

• System:
• BL860c-i4 Integrity Server from HP
• 2x 9560 Itanium II CPUs
• Prototype in System Firmware
• Thermal experiments through power virus
• Monte Carlo simulations
• Different cache sizes
• Different error maps and noise profiles

VR Adapt Voltage System Firmware (SMM) Operating System Vdd Request Self-test Cache

Event Test

Voltage Control Error Handler

ECC Cache Line

Authentication Algorithm

Anys Bacha

Identification and Noise

Authenticache: Harnessing Cache ECC for System Authentication 23 Code Distance (bits)

0.01 0.02 0.03 0.04 0.05 0.06 64 128 192 256 320 384 448 512 Inter-chip

Identification in presence of environmental and measurement noise

Anys Bacha

Identification and Noise

Authenticache: Harnessing Cache ECC for System Authentication 24 Code Distance (bits)

0.01 0.02 0.03 0.04 0.05 0.06 64 128 192 256 320 384 448 512 Intra-chip (10% Noise) Inter-chip

Identification in presence of environmental and measurement noise

Anys Bacha

Identification and Noise

Authenticache: Harnessing Cache ECC for System Authentication 25 Code Distance (bits)

0.01 0.02 0.03 0.04 0.05 0.06 64 128 192 256 320 384 448 512 Intra-chip (10% Noise) Intra-chip (150% Noise) Inter-chip

Identification in presence of environmental and measurement noise

Anys Bacha

Identification and Noise

Authenticache: Harnessing Cache ECC for System Authentication 25 Code Distance (bits)

0.01 0.02 0.03 0.04 0.05 0.06 64 128 192 256 320 384 448 512 Intra-chip (10% Noise) Intra-chip (150% Noise) Inter-chip

Misidentification

Identification in presence of environmental and measurement noise

Anys Bacha

Identification and Noise

Authenticache: Harnessing Cache ECC for System Authentication 25 Code Distance (bits)

0.01 0.02 0.03 0.04 0.05 0.06 64 128 192 256 320 384 448 512 Intra-chip (10% Noise) Intra-chip (150% Noise) Inter-chip

< 2 ppm Misidentification

Identification in presence of environmental and measurement noise

Anys Bacha

Identification and Noise

Authenticache: Harnessing Cache ECC for System Authentication 25 Code Distance (bits)

0.01 0.02 0.03 0.04 0.05 0.06 64 128 192 256 320 384 448 512 Intra-chip (10% Noise) Intra-chip (150% Noise) Inter-chip

< 2 ppm << 1 ppm Misidentification

Identification in presence of environmental and measurement noise

Anys Bacha

Identification and Noise

Authenticache: Harnessing Cache ECC for System Authentication 25 Code Distance (bits)

0.01 0.02 0.03 0.04 0.05 0.06 64 128 192 256 320 384 448 512 Intra-chip (10% Noise) Intra-chip (150% Noise) Inter-chip

< 2 ppm << 1 ppm Misidentification

Observe 6% intra-chip variation after +25° C

Anys Bacha

Resiliency to Noise

Authenticache: Harnessing Cache ECC for System Authentication 26

20 40 60 80 100 120 140 160 64-bit 128-bit 256-bit 512-bit Expected Errors Removed Unexpected Errors Injected

CRP Size Max Tolerable Noise (%)

Anys Bacha

Resiliency to Noise

Authenticache: Harnessing Cache ECC for System Authentication 26

20 40 60 80 100 120 140 160 64-bit 128-bit 256-bit 512-bit Expected Errors Removed Unexpected Errors Injected

CRP Size Max Tolerable Noise (%)

Enrollment Phase

Anys Bacha

Resiliency to Noise

Authenticache: Harnessing Cache ECC for System Authentication 26

20 40 60 80 100 120 140 160 64-bit 128-bit 256-bit 512-bit Expected Errors Removed Unexpected Errors Injected

CRP Size Max Tolerable Noise (%)

Enrollment Phase

12% 62%

Anys Bacha

Resiliency to Noise

Authenticache: Harnessing Cache ECC for System Authentication 26

20 40 60 80 100 120 140 160 64-bit 128-bit 256-bit 512-bit Expected Errors Removed Unexpected Errors Injected

CRP Size Max Tolerable Noise (%)

Enrollment Phase Environmental Conditions

12% 62%

Anys Bacha

Resiliency to Noise

Authenticache: Harnessing Cache ECC for System Authentication 26

20 40 60 80 100 120 140 160 64-bit 128-bit 256-bit 512-bit Expected Errors Removed Unexpected Errors Injected

CRP Size Max Tolerable Noise (%)

Enrollment Phase Environmental Conditions

12% 14% 62% 142%

Anys Bacha

Repeatability and Performance

Authenticache: Harnessing Cache ECC for System Authentication 27

Anys Bacha

Repeatability and Performance

Authenticache: Harnessing Cache ECC for System Authentication 28

• Repeatable cache line errors

Anys Bacha

Repeatability and Performance

Authenticache: Harnessing Cache ECC for System Authentication 28

0.2 0.4 0.6 0.8 1 1 2 3 4 7 8 CDF vs. Number of Cache Line Self-tests

CDF Number of Cache Line Self-tests

• Repeatable cache line errors

Anys Bacha

Repeatability and Performance

Authenticache: Harnessing Cache ECC for System Authentication 28

0.2 0.4 0.6 0.8 1 1 2 3 4 7 8 CDF vs. Number of Cache Line Self-tests

CDF Number of Cache Line Self-tests

• Repeatable cache line errors

CRP ≥ 128-bit

Anys Bacha

Repeatability and Performance

Authenticache: Harnessing Cache ECC for System Authentication 28

0.2 0.4 0.6 0.8 1 1 2 3 4 7 8 CDF vs. Number of Cache Line Self-tests

CDF Number of Cache Line Self-tests

• Repeatable cache line errors

CRP ≥ 128-bit All CRP

Anys Bacha

Repeatability and Performance

Authenticache: Harnessing Cache ECC for System Authentication 28

0.2 0.4 0.6 0.8 1 1 2 3 4 7 8 CDF vs. Number of Cache Line Self-tests

CDF Number of Cache Line Self-tests

• Repeatable cache line errors

50 100 150 200 250 64-bit 128-bit 256-bit 512-bit 1 Attempt 2 Attempts 4 Attempts 8 Attempts

CRP Size Time (ms)

CRP ≥ 128-bit All CRP

• Linear increase in runtime as a

function of self-test attempts

Anys Bacha

Model Building Attack Case Study

Authenticache: Harnessing Cache ECC for System Authentication 29

Anys Bacha

Model Building Attack Case Study

Authenticache: Harnessing Cache ECC for System Authentication 29

0.4 0.5 0.6 0.7 0.8 0.9 1 Prediction Rate vs. Observed CRP 50000 100000 150000 200000 250000 300000 350000 400000

Prediction Rate (bits/response) CRP Count

Anys Bacha

Model Building Attack Case Study

Authenticache: Harnessing Cache ECC for System Authentication 29

0.4 0.5 0.6 0.7 0.8 0.9 1 Prediction Rate vs. Observed CRP 50000 100000 150000 200000 250000 300000 350000 400000

Prediction Rate (bits/response) CRP Count

Anys Bacha

Model Building Attack Case Study

Authenticache: Harnessing Cache ECC for System Authentication 29

0.4 0.5 0.6 0.7 0.8 0.9 1 Prediction Rate vs. Observed CRP 50000 100000 150000 200000 250000 300000 350000 400000

Prediction Rate (bits/response) CRP Count

10% Noise

Anys Bacha

Model Building Attack Case Study

Authenticache: Harnessing Cache ECC for System Authentication 29

0.4 0.5 0.6 0.7 0.8 0.9 1 Prediction Rate vs. Observed CRP 50000 100000 150000 200000 250000 300000 350000 400000

Prediction Rate (bits/response) CRP Count

Regenerate logical error map

10% Noise

Anys Bacha

• Observe that correctable errors in caches can be used as silicon

fingerprints

• Introduce a challenge-response design that can sustain large

number of authentications (10 year lifetime)

• Demonstrate robustness of technique to noise (up to 142%)
• Realize a proof-of-concept to show system is practical

Conclusion

Authenticache: Harnessing Cache ECC for System Authentication 30

Anys Bacha

Thank you! Questions?

Authenticache: Harnessing Cache ECC for System Authentication 31

Authenticache: Harnessing Cache ECC for System Authentication

Anys Bacha and Radu Teodorescu Department of Computer Science and Engineering The Ohio State University http://arch.cse.ohio-state.edu