Abstract

Caches have been used to construct various covert and side channels. Most existing cache channels exploit the timing difference between cache hits and cache misses. We highlight that cache misses in different states may have more significant time differences. This paper presents in detail how replacement latency differences can be used to construct timing-based channels (called WB channels) to leak information. Any modification to a cache line by a sender sets it to the dirty state, and the receiver can observe this by measuring the latency of replacing this cache set. This paper evaluates WB channels in terms of implementation complexity, stability, scalability, bandwidth, and stealthiness. Experimental results show that the WB channel can not only transmit information covertly with high bandwidth but also has strong anti-interference ability. Moreover, many previous cache defense and detection mechanisms target attacks exploiting the timing difference between cache hits and cache misses. This paper discusses the effectiveness of the WB channels against some such strategies. Finally, this paper shows how to use the WB channel to mount a side-channel attack against a real-world security-sensitive application, such as AES implemented in OpenSSL-1.0.1e.
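
The dirty-line effect described in the abstract, as a toy model added here (not code from the paper): one set of a write-back cache in which the receiver's replacement latency grows with the number of lines the sender modified, while the receiver's miss count stays the same. The cycle costs, the 8-way set, the LRU policy and all names are assumptions made for illustration.

```python
from collections import OrderedDict

# Constructed cycle costs for illustration; not measurements from the paper.
HIT, MISS, WRITEBACK = 1, 10, 8


class CacheSet:
    """One set of a write-back, write-allocate cache with LRU replacement."""

    def __init__(self, ways):
        self.ways = ways
        self.lines = OrderedDict()  # tag -> dirty flag, least recently used first
        self.misses = 0

    def access(self, tag, write=False):
        """Model one load or store and return its latency in cycles."""
        if tag in self.lines:
            self.lines[tag] = self.lines[tag] or write  # a store marks the line dirty
            self.lines.move_to_end(tag)
            return HIT
        self.misses += 1
        cost = MISS
        if len(self.lines) >= self.ways:
            _, dirty = self.lines.popitem(last=False)  # evict the LRU line
            if dirty:
                cost += WRITEBACK  # a dirty victim is written back before the fill
        self.lines[tag] = write
        return cost


def replace_set(dirty_lines, ways=8):
    """Fill a set with sender lines, `dirty_lines` of them stored to, then
    replace the whole set with receiver loads.
    Returns (receiver latency, receiver miss count)."""
    s = CacheSet(ways)
    for i in range(ways):
        s.access(("sender", i), write=i < dirty_lines)
    s.misses = 0  # count only the receiver's misses from here on
    latency = sum(s.access(("receiver", i)) for i in range(ways))
    return latency, s.misses


if __name__ == "__main__":
    for d in (0, 1, 4, 8):
        print(d, replace_set(d))
```

In this model a monitor that counts only hits and misses sees the same receiver behaviour for every value of `dirty_lines`; the difference shows up only in write-back traffic and replacement latency.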
