Please use this identifier to cite or link to this item:
Title: Composable Cachelets: Protecting Enclaves from Cache Side-Channel Attacks
Authors: Townley, Daniel
Arikan, Kerem
Liu, Yu David
Ponomarev, Dmitry
Ergin, Oğuz
Keywords: High-Performance
Issue Date: 2022
Publisher: Usenix Assoc
Abstract: The security of isolated execution architectures such as Intel SGX has been significantly threatened by the recent emergence of side-channel attacks. Cache side-channel attacks allow adversaries to leak secrets stored inside isolated enclaves without having direct access to the enclave memory. In some cases, secrets can be leaked even without having the knowledge of the victim application code or having OS-level privileges. We propose the concept of Composable Cachelets (CC), a new scalable strategy to dynamically partition the last-level cache (LLC) for completely isolating enclaves from other applications and from each other. CC supports enclave isolation in caches with the capability to dynamically readjust the cache capacity as enclaves are created and destroyed. We present a cache-aware and enclave-aware operational semantics to help rigorously establish security properties of CC, and we experimentally demonstrate that CC thwarts side-channel attacks on caches with modest performance and complexity impact.
Description: 31st USENIX Security Symposium -- AUG 10-12, 2022 -- Boston, MA
ISBN: 978-1-939133-31-1
Appears in Collections:Bilgisayar Mühendisliği Bölümü / Department of Computer Engineering
Scopus İndeksli Yayınlar Koleksiyonu / Scopus Indexed Publications Collection
WoS İndeksli Yayınlar Koleksiyonu / WoS Indexed Publications Collection

Show full item record

CORE Recommender


checked on Sep 16, 2023

Page view(s)

checked on Sep 25, 2023

Google ScholarTM



Items in GCRIS Repository are protected by copyright, with all rights reserved, unless otherwise indicated.