ABSTRACT:
As processors begin to support multi-programmed workloads, the isolation line between the processes that executed on them got thinner. As a result, several hardware components that are shared between these processes became points of information leakage which resulted in a slew of side-channel attacks in the last decade. Of such shared hardware components, Last Level Cache (LLC) has been the most vulnerable one as they are shared between the different processor cores and each of the latter executing different processes. Attacks targeting inherent architectural characteristics made researchers rethink the architectures of caches to safeguard against these cache-based side-channel attacks.

With the latest disclosure of Meltdown and Spectre vulnerabilities, cache timing attacks are proved to be a serious threat to the security of computing systems. It permits sensitive information, such as cryptographic keys, to leak across processes, virtual machines and even to remote servers. CEASER, an encrypted cache based methodology proposed in the literature is a promising countermeasure that stymies the timing channel by employing cryptography to randomize the cache address space. The author of CEASER claims strong security guarantees by providing randomization both spatially (randomizing every address) and temporally (changing the encryption key periodically).

This thesis proposes BRUTUS which points out a serious flaw in their encryption approach employed by CEASER that undermines the proposed security guarantees. Specifically, this thesis shows the proposed Low-Latency Block Cipher (LLBC), used for encryption in CEASER, is composed of only linear functions and neutralizes the spatial and temporal randomization. This results in that the complexity of a cache timing attack remains unaltered even with the presence of CEASER. Further, LLBC in CEASER is also compared against a stronger encryption algorithm - PRINCE.

This thesis also proposes a new technique to compromise the security of existing cache based side-channel countermeasures. As a solution to this new proposed technique of attack, a secure cache architecture - SEAL, that can counter both conflict-based and flush based attacks is also proposed. Building on the existing body of work on encrypted address cache, the thesis proposes a framework to efficiently differentiate between cache accesses belonging to several domains and to subsequently isolate such accesses. The proposed cache architecture hardware is implemented in Bluespec System Verilog (BSV) - a Hardware Description Language (HDL) and resilience of the solution to different kinds of attacks is analyzed. In addition, the cache architecture is simulated with the ZSim simulator to analyse system-level performance impact. Experimental results show that SEAL achieves stronger security guarantees with almost nil performance degradation.