*********************************
There is now a CONTENT FREEZE for Mercury while we switch to a new platform. It began on Friday, March 10 at 6pm and will end on Wednesday, March 15 at noon. No new content can be created during this time, but all material in the system as of the beginning of the freeze will be migrated to the new platform, including users and groups. Functionally the new site is identical to the old one. webteam@gatech.edu
*********************************
Title: Architecting Secure Processor Caches
Committee:
Dr. Moin Qureshi, CoC, Advisor
Dr. Tushar Krishna, ECE
Dr. Taesoo Kim, CoC
Dr. Milos Prvulovic, CoC
Dr. Christopher Fletcher, UIUC
Abstract: Processor caches enable fast access to data and are a major source of performance gains in modern processors. However, shared caches lead to serious security vulnerabilities like cache side channel attacks. In such attacks, cache interactions between a victim and a malicious process have been shown to leak encryption keys, user-sensitive data such as browsing histories and even confidential intellectual property such as machine-learning models. This thesis addresses the gap in the understanding of the capabilities of such attacks, and the lack of principled and practical solutions to mitigate them. First, this thesis investigates the capabilities of attackers and in the process develops a new cache attack called Streamline, that is considerably faster than current state-of-the-art attacks. Streamline reaches bitrates of more than 1MB/s, while being applicable to a broader class of processors than prior attacks. Second, this thesis develops a principled and practical defense using cache randomization, called MIRAGE. MIRAGE provides the security of a fully-associative design and eliminates set-conflict based cache side channels while preserving practical lookups. While 5 different randomized cache defenses were recently broken, MIRAGE has remained unbroken so far. Third, this thesis explores a practical cache partitioning defense to eliminate all potential cache side channels, with Bespoke Cache Enclaves. Bespoke provides 500+ simultaneous partitions of customizable sizes, surpassing practical limitations of prior works using way or set-partitioning, which only provide small number of partitions or partitions that are inflexible in size. Finally, this thesis develops solutions to harden caches against new forms of side-channel leakage via transient execution attacks like Spectre and Meltdown. This work develops CleanupSpec, a low overhead approach to roll back or randomize speculative changes to the cache to prevent exploitation of caches in such attacks. In summary, the solutions developed in this thesis enable security against side-channels for future processors while retaining a majority of the performance and practicality benefits of shared caches.
