CacheRewinder: Revoking Speculative Cache Updates Exploiting Write-Back Buffer

Jongmin Lee, Junyeon Lee, Taeweon Suh, Gunjae Koo

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Transient execution attacks are critical security threats since those attacks exploit speculative execution which is an essential architectural solution that can improve the performance of out-of-order processors significantly. Such attacks change cache state by accessing secret data during speculative executions, then the attackers leak the secret information exploiting cache timing side-channels. Even though software patches against transient execution attacks have been proposed, the software solutions significantly slow down the performance of a system. In this paper, we propose CacheRewinder, an efficient hardware-based defense mechanism against transient execution attacks. CacheRewinder prevents leakage of secret information by revoking the cache updates done by speculative executions. To restore the cache state efficiently, CacheRewinder exploits the underutilized write-back buffer space as the temporary storage for victimized cache blocks evicted during speculative executions. Hence, when speculation fails CacheRewinder can quickly restore the cache state using the victim blocks held in the write-back buffer. Our evaluation exhibits CacheRewinder can effectively defend against transient execution attacks. The performance overhead by CacheRewinder is only 0.6%, which is negligible compared to the unprotected baseline processor. CacheRewinder also requires minimal storage cost since it exploits unused write-back buffer entries as storage for evicted cache blocks.

Original languageEnglish
Title of host publicationProceedings of the 2022 Design, Automation and Test in Europe Conference and Exhibition, DATE 2022
EditorsCristiana Bolchini, Ingrid Verbauwhede, Ioana Vatajelu
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages514-519
Number of pages6
ISBN (Electronic)9783981926361
DOIs
Publication statusPublished - 2022
Event2022 Design, Automation and Test in Europe Conference and Exhibition, DATE 2022 - Virtual, Online, Belgium
Duration: 2022 Mar 142022 Mar 23

Publication series

NameProceedings of the 2022 Design, Automation and Test in Europe Conference and Exhibition, DATE 2022

Conference

Conference2022 Design, Automation and Test in Europe Conference and Exhibition, DATE 2022
Country/TerritoryBelgium
CityVirtual, Online
Period22/3/1422/3/23

Bibliographical note

Funding Information:
ACKNOWLEDGEMENT This work was supported by the Institute of Information and Communications Technology Planning and Evaluation grants funded by the Korea government (MSIT) (No. 2019-0-00533, Research on CPU Vulnerability Detection and Validation / No. 2019-0-01343, Regional Strategic Industry Convergence Security Core Talent Training Business / IITP-2021-2020-0-01819, ICT Creative Consilience Program).

Publisher Copyright:
© 2022 EDAA.

Keywords

  • Cache Side-Channels
  • Secure Architecture
  • Speculative Execution
  • Transient Execution Attacks

ASJC Scopus subject areas

  • Artificial Intelligence
  • Computer Networks and Communications
  • Hardware and Architecture
  • Software
  • Safety, Risk, Reliability and Quality
  • Control and Optimization

Fingerprint

Dive into the research topics of 'CacheRewinder: Revoking Speculative Cache Updates Exploiting Write-Back Buffer'. Together they form a unique fingerprint.

Cite this