Title:  How secure is your cache against side-channel attacks ?

Abstract:
Security-critical data can leak through very unexpected side chan-nels, making side-channel
attacks very dangerous threats to informa-tion security. Of these, cache-based side-channel
attacks are someof the most problematic. This is because caches are essential forthe performance
of modern computers, but an intrinsic property ofall caches – the different access times for cache
hits and misses –is the property exploited to leak information in time-based cacheside-channel attacks.
Recently, different secure cache architectureshave been proposed to defend against these attacks. However,
we donot have a reliable method for evaluating a cache’s resilience againstdifferent classes of cache
side-channel attacks, which is the goal ofthis paper.

We first propose a novel probabilistic information flow graph(PIFG) to model the interaction between the
victim program, theattacker program and the cache architecture. From this model, wederive a new metric,
the Probability of Attack Success (PAS), whichgives a quantitative measure for evaluating a cache’s resilienceagainst
a given class of cache side-channel attacks. We show thegenerality of our model and metric by applying them to
evaluatenine different cache architectures against all four classes of cacheside-channel attacks. Our new methodology,
model and metric canhelp verify the security provided by different proposed secure cachearchitectures, and compare
them in terms of their resilience to cacheside-channel attacks, without the need for simulation or taping out achip.