Side-Channel-Resilient Caches for Trusted Execution Environments



Modern multi-core processors suffer from an inherent performance-security conflict with respect to their continuously evolving performance optimizations. One prominent example is how they share cache resources for maximum cache utilization and performance gains. This leave the cache vulnerable to side-channel attacks, where timing differences in shared cache behavior are exploited to infer information on the victim’s execution patterns, ultimately leaking private information such as a secret key. The root causes for these attacks is mutually distrusting processes sharing the cache entries and accessing them in a deterministic and consistent set-associative manner. While various defenses against cache side-channel attacks have been proposed, they continue to suffer from critical shortcomings. More importantly, they rigidly assume that side-channel-resilient caches are required for the entire execution workload and do not allow the possibility to selectively enable the mitigation only for the security-critical portion of the workload.

In this talk, we discuss our insights on such attacks, and the need for a new hardware design paradigm that treats customizable security/performance as a design metric, and not an afterthought. We present a mechanism for a flexible and soft partitioning of set-associative caches and propose hybrid cache architectures that can be configured to selectively apply side-channel-resilient cache behavior only for isolated execution domains, while providing the non-isolated execution with conventional cache behavior, capacity and performance.  We show how this can be achieved with minimal performance and area overheads, while effectively mitigating typical access-based and contention-based cache attacks.



Ghada Dessouky, M.Sc.

Research Assistant
System Security Lab
Technische Universität Darmstadt