safecracker leaking secrets through compressed caches
play

Safecracker: Leaking Secrets through Compressed Caches Po-An Tsai, - PowerPoint PPT Presentation

Aug 17, 2022 •1.24k likes •2.15k views

Safecracker: Leaking Secrets through Compressed Caches Po-An Tsai, Andres Sanchez, Christopher Fletcher, and Daniel Sanchez ASPLOS 2020 Executive Summary 2 First security analysis of cache compression Executive Summary 2 First security

  1. Safecracker: Leaking Secrets through Compressed Caches Po-An Tsai, Andres Sanchez, Christopher Fletcher, and Daniel Sanchez ASPLOS 2020

  2. Executive Summary 2  First security analysis of cache compression

  3. Executive Summary 2  First security analysis of cache compression  Compressibility of a cache line reveals info about its data

  4. Executive Summary 2  First security analysis of cache compression  Compressibility of a cache line reveals info about its data  Attacker can exploit data colocation to leak secrets

  5. Executive Summary 2  First security analysis of cache compression  Compressibility of a cache line reveals info about its data  Attacker can exploit data colocation to leak secrets Attacker Victim

  6. Executive Summary 2  First security analysis of cache compression  Compressibility of a cache line reveals info about its data  Attacker can exploit data colocation to leak secrets Attacker Victim encrypt 0x01… Attacker sends encryption 1 request to victim

  7. Executive Summary 2  First security analysis of cache compression  Compressibility of a cache line reveals info about its data  Attacker can exploit data colocation to leak secrets Attacker Victim encrypt 0x01… Secret key Attacker-controlled input Attacker sends encryption 1 request to victim 2 Victim stores input next to key 0x01020304050607 0x01

  8. Executive Summary 2  First security analysis of cache compression  Compressibility of a cache line reveals info about its data  Attacker can exploit data colocation to leak secrets Attacker Victim encrypt 0x01… Secret key Attacker-controlled input Attacker sends encryption 1 request to victim 2 Victim stores input next to key 0x01020304050607 0x01 Cache compresses line 7B cache line

  9. Executive Summary 2  First security analysis of cache compression  Compressibility of a cache line reveals info about its data  Attacker can exploit data colocation to leak secrets Attacker Victim encrypt 0x01… Secret key Attacker-controlled input Attacker sends encryption 1 request to victim 2 Victim stores input next to key 0x01020304050607 0x01 3 Attacker measures line’s compressed size, infers Cache compresses line 0x01 is in the secret data 7B cache line

  10. Executive Summary 2  First security analysis of cache compression  Compressibility of a cache line reveals info about its data  Attacker can exploit data colocation to leak secrets Attacker Victim encrypt 0x01… Secret key Attacker-controlled input Attacker sends encryption 1 request to victim 2 Victim stores input next to key 0x01020304050607 0x01 3 Attacker measures line’s compressed size, infers Cache compresses line 0x01 is in the secret data 7B cache line Compromises secret key in ~10ms

  11. Executive Summary 2  First security analysis of cache compression  Compressibility of a cache line reveals info about its data  Attacker can exploit data colocation to leak secrets Attacker Victim encrypt 0x01… Secret key Attacker-controlled input Attacker sends encryption 1 request to victim 2 Victim stores input next to key 0x01020304050607 0x01 3 Attacker measures line’s compressed size, infers Cache compresses line 0x01 is in the secret data 7B cache line Compromises secret key in ~10ms Leaks large fraction of victim memory when combined latent memory safety vulnerabilities

  12. Speculation-Based vs. Compressed Cache Side-Channel Attacks 3 Side Kiriansky et. al, MICRO’18 Victim’s Attacker’s channel protection protection Secret Transmitter Receiver Secret domain domain

  13. Speculation-Based vs. Compressed Cache Side-Channel Attacks 3 Speculation-based cache side channel attacks (e.g., Spectre) Side Kiriansky et. al, MICRO’18 Victim’s Attacker’s channel protection protection Secret Transmitter Receiver Secret domain domain

  14. Speculation-Based vs. Compressed Cache Side-Channel Attacks 3 Speculation-based cache side channel attacks (e.g., Spectre) Presence of a line and its address (location in cache) Side Kiriansky et. al, MICRO’18 Victim’s Attacker’s channel protection protection Secret Transmitter Receiver Secret domain domain

  15. Speculation-Based vs. Compressed Cache Side-Channel Attacks 3 Speculation-based cache side channel attacks (e.g., Spectre) Speculatively executed Presence of a line and its instructions address (location in cache) Side Kiriansky et. al, MICRO’18 Victim’s Attacker’s channel protection protection Secret Transmitter Receiver Secret domain domain

  16. Speculation-Based vs. Compressed Cache Side-Channel Attacks 3 Speculation-based cache side channel attacks (e.g., Spectre) Timing difference to infer Speculatively executed Presence of a line and its a line’s presence instructions address (location in cache) Side Kiriansky et. al, MICRO’18 Victim’s Attacker’s channel protection protection Secret Transmitter Receiver Secret domain domain

  17. Speculation-Based vs. Compressed Cache Side-Channel Attacks 3 Speculation-based cache side channel attacks (e.g., Spectre) Timing difference to infer Speculatively executed Presence of a line and its a line’s presence instructions address (location in cache) Side Kiriansky et. al, MICRO’18 Victim’s Attacker’s channel protection protection Secret Transmitter Receiver Secret domain domain Compressed cache attacks

  18. Speculation-Based vs. Compressed Cache Side-Channel Attacks 3 Speculation-based cache side channel attacks (e.g., Spectre) Timing difference to infer Speculatively executed Presence of a line and its a line’s presence instructions address (location in cache) Side Kiriansky et. al, MICRO’18 Victim’s Attacker’s channel protection protection Secret Transmitter Receiver Secret domain domain Compressibility of secret (and data in same line) Compressed cache attacks

  19. Speculation-Based vs. Compressed Cache Side-Channel Attacks 3 Speculation-based cache side channel attacks (e.g., Spectre) Timing difference to infer Speculatively executed Presence of a line and its a line’s presence instructions address (location in cache) Side Kiriansky et. al, MICRO’18 Victim’s Attacker’s channel protection protection Secret Transmitter Receiver Secret domain domain Compressibility of secret Writing secret data (and data in same line) (or data in same line) Compressed cache attacks

  20. Speculation-Based vs. Compressed Cache Side-Channel Attacks 3 Speculation-based cache side channel attacks (e.g., Spectre) Timing difference to infer Speculatively executed Presence of a line and its a line’s presence instructions address (location in cache) Side Kiriansky et. al, MICRO’18 Victim’s Attacker’s channel protection protection Secret Transmitter Receiver Secret domain domain Compressibility of secret Timing difference to infer Writing secret data (and data in same line) a line’s compressibility (or data in same line) Compressed cache attacks

  21. Speculation-Based vs. Compressed Cache Side-Channel Attacks 3 Speculation-based cache side channel attacks (e.g., Spectre) Timing difference to infer Speculatively executed Presence of a line and its a line’s presence instructions address (location in cache) Side Kiriansky et. al, MICRO’18 Victim’s Attacker’s channel protection protection Secret Transmitter Receiver Secret domain domain Compressibility of secret Timing difference to infer Writing secret data (and data in same line) a line’s compressibility (or data in same line) Compressed cache attacks Compressed cache attacks leak data without relying on speculation

  22. Outline 4  Background on cache compression  Pack+Probe: Measuring cache line compressibility  Safecracker: Exploiting data colocation to leak secrets  Potential defenses

  23. Cache Compression Tradeoffs 5  Higher effective capacity  Higher hit rate  Somewhat higher hit latency

  24. Cache Compression Tradeoffs 5  Higher effective capacity  Higher hit rate  Somewhat higher hit latency  Highly beneficial for large caches (e.g., LLC) L3 Cache

  25. Cache Compression Tradeoffs 5  Higher effective capacity  Higher hit rate  Somewhat higher hit latency  Highly beneficial for large caches (e.g., LLC) L3  Intense research activity over past 15 years Cache

  26. Cache Compression Tradeoffs 5  Higher effective capacity  Higher hit rate  Somewhat higher hit latency  Highly beneficial for large caches (e.g., LLC) L3  Intense research activity over past 15 years Cache

  27. Cache Compression Tradeoffs 5  Higher effective capacity  Higher hit rate  Somewhat higher hit latency  Highly beneficial for large caches (e.g., LLC) L3  Intense research activity over past 15 years Cache All focus on performance, not security

  28. Cache Compression Ingredients 6

  29. Cache Compression Ingredients 6  Architecture: How to locate and manage variable- sized compressed blocks?

  30. Cache Compression Ingredients 6  Architecture: How to locate and manage variable- sized compressed blocks?  Algorithm: How to compress each cache block?

  31. Cache Compression Ingredients 6  Architecture: How to locate and manage variable- sized compressed blocks?  Algorithm: How to compress each cache block?  We focus attacks on a commonly used baseline:  VSC compressed cache architecture  BDI compression algorithm

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Cross-Origin State Inference (COSI) Attacks: Your Browser is Leaking Your Secrets Avinash

Cross-Origin State Inference (COSI) Attacks: Your Browser is Leaking Your Secrets Avinash

Cross-Origin State Inference (COSI) Attacks: Your Browser is Leaking Your Secrets Avinash Sudhodanan Soheil Khodayari Juan Caballero 24/02/2020, NDSS 2020 COSI Attack A malicious web site infers the state of a user (the victim) at another web

767 views • 54 slides
Whispered Secrets Eleanor McHugh Whispered Secrets @feyeleanor http://leanpub.com/GoNotebook

Whispered Secrets Eleanor McHugh Whispered Secrets @feyeleanor http://leanpub.com/GoNotebook

Whispered Secrets Eleanor McHugh Whispered Secrets @feyeleanor http://leanpub.com/GoNotebook we all have secrets and these secrets matter to us thats what makes them secrets software should keep our secrets some secrets are awful

1k views • 75 slides
Compressed Membership for NFA (DFA) with Compressed Labels is in NP (P) Artur Je University of

Compressed Membership for NFA (DFA) with Compressed Labels is in NP (P) Artur Je University of

Compressed Membership for NFA (DFA) with Compressed Labels is in NP (P) Artur Je University of Wrocaw Compressed membership for NFA 1 / 17 Artur Je What this talk is about Fully compressed membership problem for automata Compressed

733 views • 69 slides
Presentation Secrets Presentation Secrets Filesize: 9.28 MB Reviews Reviews Just no phrases to

Presentation Secrets Presentation Secrets Filesize: 9.28 MB Reviews Reviews Just no phrases to

NAHPXXJI6KNA Book ^ Presentation Secrets Presentation Secrets Presentation Secrets Filesize: 9.28 MB Reviews Reviews Just no phrases to describe. It typically does not price an excessive amount of. It is extremely difficult to leave it before

260 views • 3 slides
Multicore Workshop Caches Mark Bull David Henty EPCC, University of Edinburgh Overview

Multicore Workshop Caches Mark Bull David Henty EPCC, University of Edinburgh Overview

Multicore Workshop Caches Mark Bull David Henty EPCC, University of Edinburgh Overview Why caches are needed How caches work Cache design and performance. 20/11/2012 Caches 2 The memory speed gap Moores Law: processors

811 views • 27 slides
Trace Caches and optimizations therein CSE 240C - Rushi Chakrabarti - Winter 2009 Trace Caches

Trace Caches and optimizations therein CSE 240C - Rushi Chakrabarti - Winter 2009 Trace Caches

Trace Caches and optimizations therein CSE 240C - Rushi Chakrabarti - Winter 2009 Trace Caches [Rotenberg96] Trace Caches For those not in the know: I$ that captures dynamic instruction sequences trace n instructions (cache

432 views • 41 slides
Say Goodbye to Off-heap Caches! On-heap Caches Using Memory-Mapped I/O Iacovos G. Kolokasis 1 ,

Say Goodbye to Off-heap Caches! On-heap Caches Using Memory-Mapped I/O Iacovos G. Kolokasis 1 ,

Say Goodbye to Off-heap Caches! On-heap Caches Using Memory-Mapped I/O Iacovos G. Kolokasis 1 , Anastasios Papagiannis 1 , Foivos Zakkak 2 , Polyvios Pratikakis 1 , and Angelos Bilas 1 1 University of Crete & Foundation of Research and

457 views • 19 slides
What You Must Know about Memory, Caches, and Shared Memory Kenjiro Taura 1 / 67 Contents 1

What You Must Know about Memory, Caches, and Shared Memory Kenjiro Taura 1 / 67 Contents 1

What You Must Know about Memory, Caches, and Shared Memory Kenjiro Taura 1 / 67 Contents 1 Introduction 2 Organization of processors, caches, and memory 3 Caches 4 So how costly is it to access data? Latency Bandwidth Many algorithms are

1.16k views • 105 slides
CS 136: Advanced Architecture Review of Caches 1 / 30 Introduction Why Caches? Basic goal:

CS 136: Advanced Architecture Review of Caches 1 / 30 Introduction Why Caches? Basic goal:

CS 136: Advanced Architecture Review of Caches 1 / 30 Introduction Why Caches? Basic goal: Size of cheapest memory . . . At speed of most expensive Locality makes it work Temporal locality: If you reference x , youll probably

717 views • 33 slides
Aligning DNA sequences on compressed collections of genomes Part 2. Compressed indexing The

Aligning DNA sequences on compressed collections of genomes Part 2. Compressed indexing The

Aligning DNA sequences on compressed collections of genomes Part 2. Compressed indexing The CODATA-RDA Research Data Science Applied workshop on Bioinformatics ICTP, Trieste - Italy July 24-28, 2017 Nicola Prezza Technical University of

788 views • 45 slides
Presentation Secrets Presentation Secrets Filesize: 8.11 MB Reviews Reviews It is really an

Presentation Secrets Presentation Secrets Filesize: 8.11 MB Reviews Reviews It is really an

XUECRQXNRXVS Book Presentation Secrets Presentation Secrets Presentation Secrets Filesize: 8.11 MB Reviews Reviews It is really an remarkable book which i have ever go through. It can be writter in simple terms and not difficult to

343 views • 3 slides
Review: Why We Use Caches Caches Review Mechanism for transparent movement of Proc 1000

Review: Why We Use Caches Caches Review Mechanism for transparent movement of Proc 1000

Review: Why We Use Caches Caches Review Mechanism for transparent movement of Proc 1000 CPU data among levels of a storage hierarchy 60%/yr. Moores Law Performance set of address/value bindings address index to

966 views • 11 slides
Seven Secrets to Building a Successful Business Introductions The Seven Secrets to Building a

Seven Secrets to Building a Successful Business Introductions The Seven Secrets to Building a

Seven Secrets to Building a Successful Business Introductions The Seven Secrets to Building a Successful Business The Essential Tools Incredible Offer!!! Todays Agenda Just for attending you get Copy of the Presentation Link to the

698 views • 56 slides
Presentation Secrets Presentation Secrets Filesize: 3.61 MB Reviews Reviews This is basically

Presentation Secrets Presentation Secrets Filesize: 3.61 MB Reviews Reviews This is basically

NHHOGOEDX28F PDF Presentation Secrets Presentation Secrets Presentation Secrets Filesize: 3.61 MB Reviews Reviews This is basically the greatest pdf i have got go through right up until now. It normally fails to cost excessive. Once you

397 views • 3 slides
ECE232: Hardware Organization and Design Lecture 22: Introduction to Caches Adapted from Computer

ECE232: Hardware Organization and Design Lecture 22: Introduction to Caches Adapted from Computer

ECE232: Hardware Organization and Design Lecture 22: Introduction to Caches Adapted from Computer Organization and Design , Patterson & Hennessy, UCB Overview Caches hold a subset of data from the main memory Three types of caches

710 views • 25 slides
1 Implementation Snoop Caches Implementing Snooping Caches Write Races: Multiple processors

1 Implementation Snoop Caches Implementing Snooping Caches Write Races: Multiple processors

An Example Snoopy Protocol Invalidation protocol, write-back cache Each block of memory is in one state: Cache Coherence and Memory Clean in all caches and up-to-date in memory (Shared) Consistency OR Dirty in exactly one cache

507 views • 3 slides
Cooper: Task Colocation with Cooperative Games Qiuyun Llull, Songchun Fan, Seyed Majid Zahedi,

Cooper: Task Colocation with Cooperative Games Qiuyun Llull, Songchun Fan, Seyed Majid Zahedi,

Cooper: Task Colocation with Cooperative Games Qiuyun Llull, Songchun Fan, Seyed Majid Zahedi, Benjamin C. Lee Presented by: Qiuyun Llull Duke University HPCA Feb 7, 2017 1 Task Colocation in Datacenters Datacenters colocate applications

579 views • 37 slides
Paying to Save: Reducing Cost of Colocation Data Center via Rewards Mohammad A. Islam, Hasan

Paying to Save: Reducing Cost of Colocation Data Center via Rewards Mohammad A. Islam, Hasan

Paying to Save: Reducing Cost of Colocation Data Center via Rewards Mohammad A. Islam, Hasan Mahmud, Shaolei Ren, Xiaorui Wang* Florida International University *The Ohio State University Supported in part by NSF CNS-1423137 and CNS-1143607

498 views • 27 slides
P olya urns via the contraction method Ralph Neininger Institute for Mathematics J.W.

P olya urns via the contraction method Ralph Neininger Institute for Mathematics J.W.

P olya urns via the contraction method Ralph Neininger Institute for Mathematics J.W. Goethe-University Frankfurt a.M. AofA 2013 Menorca, Spain joint work with M. Knape arXiv:1301.3404 P olya urns Initial configuration: r 0 red balls, b

1.34k views • 69 slides
Graph Based Image Segmentation Jianbo Shi University of Pennsylvania A top-down process? Or a

Graph Based Image Segmentation Jianbo Shi University of Pennsylvania A top-down process? Or a

Graph Based Image Segmentation Jianbo Shi University of Pennsylvania A top-down process? Or a bottom up process? young woman, old woman Both segmentation and recognition are context sensitive: Need the whole to see its parts segmentation

1.04k views • 102 slides
1 (Cloud) Colocation Games Colocation Games: Questions IaaS cloud providers offer

1 (Cloud) Colocation Games Colocation Games: Questions IaaS cloud providers offer

Do you trust that the price is right? I n Cloud ( Markets) W e Trust Towards a Trustworthy Marketplace for Cloud Resources Holistic system (social) view is pass Azer Bestavros Tenants make resource acquisition/ control

481 views • 7 slides
SCALE OUT AND CONQUER: ARCHITECTURAL DECISIONS BEHIND DISTRIBUTED IN-MEMORY SYSTEMS VLADIMIR

SCALE OUT AND CONQUER: ARCHITECTURAL DECISIONS BEHIND DISTRIBUTED IN-MEMORY SYSTEMS VLADIMIR

SCALE OUT AND CONQUER: ARCHITECTURAL DECISIONS BEHIND DISTRIBUTED IN-MEMORY SYSTEMS VLADIMIR OZEROV YAKOV ZHDANOV WHO? Yakov Zhdanov: - GridGains Product Development VP - With GridGain since 2010 - Apache Ignite committer and PMC -

1.71k views • 102 slides
Oscar&H.&Mondragon,&Patrick&G.&Bridges&

Oscar&H.&Mondragon,&Patrick&G.&Bridges&

Department of Computer Science Oscar&H.&Mondragon,&Patrick&G.&Bridges& University&of&New&Mexico&& & Terry&Jones& Oak&Ridge&Na@onal&Lab& Mo#va#on' !

312 views • 18 slides
Operational AIRS-MODIS Co-location System AIRS Spatial Response Function & MODIS IR channel

Operational AIRS-MODIS Co-location System AIRS Spatial Response Function & MODIS IR channel

Operational AIRS-MODIS Co-location System AIRS Spatial Response Function & MODIS IR channel Spectral Response Function Haibing Sun 2 , W. Wolf 2 , C. Barnet 1, Lihang Zhou 2 and M. Goldberg 1 1 NOAA/NESDIS/ORA, 5200 Auth Road, Camp Springs,

428 views • 42 slides

More recommend