Source:
PhD Thesis, Electrical Engineering Department, Princeton University, Princeton, NJ, p.135 (2012)
Abstract:
When users share resources, interference between users often reflects their activities and
thus leaks out information of a user to others. Microprocessors, and their associated cache
memories, are typically one of the most shared resources in a computer system.
Compared with traditional software-based and system-level information leakage channels,
the ones in microprocessors are often much faster and more reliable – and hence more
dangerous. They can also bypass existing software-based protection and isolation
mechanisms, and can nullify any confidentiality or integrity protections provided by
strong cryptography. Because of the ubiquitous deployment of microprocessors and the
fact that the attacks are effective on essentially all modern processors, such
microprocessor-level information leakage exists in almost all computing systems and has
become a serious security threat to a wide spectrum of platforms and users.
Motivated by the increasing importance of the processor and cache information
leakage problem, this dissertation aims to investigate the information leakage problem in
microprocessors in a more generalized manner. The goal is to first understand the
fundamental, rather than attack-specific, mechanisms that enable information leakage,
and then propose countermeasures that attack the root causes and thus are generally
effective. The dissertation also attempts to develop a theoretical model of information
leakage channels, which can help analyze existing channels, identify new channels,
evaluate their severity, and avoid such channels in future designs.
The dissertation starts with concrete practical issues that are of high importance. It
first analyzes the recent cache-based software side-channel attacks, revealing their
common root cause, then proposing novel cache designs that can effectively defend
against all attacks in this category without compromising performance, power efficiency
and cost. The proposed Newcache design can even improve performance over traditional
cache architectures. The dissertation also analyzes existing processor architectures,
identifies several new covert channels that are much faster than traditional channels, and
discusses alternative countermeasures. The dissertation then generalizes the problem of
covert channels with abstract modeling and analysis, which clarify the ambiguity in
traditional classifications of covert storage versus timing channels, help identify new
channels and reveal limitations of existing covert channel identification methods. The
dissertation also recognizes that asynchronism is an inherent characteristic of covert
channels that should be properly captured in channel capacity estimation. Quantitative
results are presented.