November 17, 2015
Pablo Cañones
Cache memories are an important tool for good computer performance, since they avoid having to retrieve data from main memory every time. A lot of work has been done over the years to study the performance of different replacement strategies for the data inside caches. However, caches can be a potential and easy target for side-channel attacks, which in some circumstances can lead to serious security problems. The subject of information leakage through caches is still under study, and there are not many important results yet. This talk covers our ongoing work on this topic, carried out since September, in which we present some of the ideas we have explored in these months. We motivate the security dangers of caches and establish the theory for analysing the possible leakage of information: what a realistic cache attacker can do and what a good measure of optimality for probings should be. We present a new algorithm that probes a cache in this optimal way and returns a realistic bound on the information leaked. We apply this theory to the cache memory left behind by a given program and study the security and vulnerability to probings of the three most common replacement policies: FIFO, LRU and PLRU. We present some real results from probing an AES 256 implementation under different cache sizes and replacement policies, and give some initial conclusions about the results we expect to find with further study.