02.05.2024
About time for cache attacks
Abstract
Over the last two decades, cache attacks have emerged as a significant threat to shared computing. At their core, cache attacks exploit minute timing variation to query the state of a cache in the computer. From this cache state, the attacker can infer secret data processed by victim software that uses the shared cache. As these attacks often measure minute variations, at the order of few nanoseconds, multiple proposed defences aim at depriving attackers of high-resolution clocks.
In this talk we show the futility of such attempts. We first show that coarse-grained cache attack can retrieve sensitive information even in the absence of high-resolution timers. We then delve deeper into the nature of cache attacks, demonstrating that they allow arbitrary computation on cache state. Finally, we show how attackers can exploit this observation to implement high-frequency, high-resolution cache attacks without using high-resolution timers.
Bio
Yuval Yarom is a professor at Ruhr University Bochum, where he leads the Chair for Computer Security. He earned his Ph.D. in Computer Science from the University of Adelaide in 2014, and an M.Sc. in Computer Science and a B.Sc. in Mathematics and Computer Science from the Hebrew University of Jerusalem in 1993 and 1990, respectively. In between he has been the Vice President of Research in Memco Software and a co-founder and Chief Technology Officer of Girafa.com.
Yuval's research explores the security of the interface between the software and the hardware. In particular, he is interested in the discrepancy between the way that programmers think about software execution and the concrete execution in modern processors. He works on identifying micro-architectural vulnerabilities, and on exploitation and mitigation techniques.
Photo © Hilary Brooks
Over the last two decades, cache attacks have emerged as a significant threat to shared computing. At their core, cache attacks exploit minute timing variation to query the state of a cache in the computer. From this cache state, the attacker can infer secret data processed by victim software that uses the shared cache. As these attacks often measure minute variations, at the order of few nanoseconds, multiple proposed defences aim at depriving attackers of high-resolution clocks.
In this talk we show the futility of such attempts. We first show that coarse-grained cache attack can retrieve sensitive information even in the absence of high-resolution timers. We then delve deeper into the nature of cache attacks, demonstrating that they allow arbitrary computation on cache state. Finally, we show how attackers can exploit this observation to implement high-frequency, high-resolution cache attacks without using high-resolution timers.
Bio
Yuval Yarom is a professor at Ruhr University Bochum, where he leads the Chair for Computer Security. He earned his Ph.D. in Computer Science from the University of Adelaide in 2014, and an M.Sc. in Computer Science and a B.Sc. in Mathematics and Computer Science from the Hebrew University of Jerusalem in 1993 and 1990, respectively. In between he has been the Vice President of Research in Memco Software and a co-founder and Chief Technology Officer of Girafa.com.
Yuval's research explores the security of the interface between the software and the hardware. In particular, he is interested in the discrepancy between the way that programmers think about software execution and the concrete execution in modern processors. He works on identifying micro-architectural vulnerabilities, and on exploitation and mitigation techniques.
Photo © Hilary Brooks