Please use this identifier to cite or link to this item: https://hdl.handle.net/20.500.11851/9205
Title: Composable Cachelets: Protecting Enclaves From Cache Side-Channel Attacks
Authors: Townley, Daniel
Arikan, Kerem
Liu, Yu David
Ponomarev, Dmitry
Ergin, Oğuz
Keywords: High-Performance
Publisher: Usenix Assoc
Abstract: The security of isolated execution architectures such as Intel SGX has been significantly threatened by the recent emergence of side-channel attacks. Cache side-channel attacks allow adversaries to leak secrets stored inside isolated enclaves without having direct access to the enclave memory. In some cases, secrets can be leaked even without having the knowledge of the victim application code or having OS-level privileges. We propose the concept of Composable Cachelets (CC), a new scalable strategy to dynamically partition the last-level cache (LLC) for completely isolating enclaves from other applications and from each other. CC supports enclave isolation in caches with the capability to dynamically readjust the cache capacity as enclaves are created and destroyed. We present a cache-aware and enclave-aware operational semantics to help rigorously establish security properties of CC, and we experimentally demonstrate that CC thwarts side-channel attacks on caches with modest performance and complexity impact.
Description: 31st USENIX Security Symposium -- AUG 10-12, 2022 -- Boston, MA
URI: https://hdl.handle.net/20.500.11851/9205
ISBN: 978-1-939133-31-1
Appears in Collections:Bilgisayar Mühendisliği Bölümü / Department of Computer Engineering
Scopus İndeksli Yayınlar Koleksiyonu / Scopus Indexed Publications Collection
WoS İndeksli Yayınlar Koleksiyonu / WoS Indexed Publications Collection

Show full item record



CORE Recommender

WEB OF SCIENCETM
Citations

5
checked on Dec 21, 2024

Page view(s)

112
checked on Dec 23, 2024

Google ScholarTM

Check




Altmetric


Items in GCRIS Repository are protected by copyright, with all rights reserved, unless otherwise indicated.