ARMageddon: Cache Attacks on Mobile Devices
|
|
- Abigail Norman
- 5 years ago
- Views:
Transcription
1 ARMageddon: Cache Attacks on Mobile Devices Moritz Lipp, Daniel Gruss, Raphael Spreitzer, Clémentine Maurice, Stefan Mangard Graz University of Technology 1
2 TLDR powerful cache attacks (like Flush+Reload) on x86 why not on ARM? 2
3 TLDR powerful cache attacks (like Flush+Reload) on x86 why not on ARM? We identified and solved challenges systematically to: make all cache attack techniques applicable to ARM monitor user activity attack weak Android crypto show that ARM TrustZone leaks through the cache 2
4 What is a cache attack? (1) Number of accesses cache hits cache misses Access time in CPU cycles
5 What is a cache attack? (2) 4
6 What is a cache attack? (2) 4
7 What is a cache attack? (2) 4
8 What is a cache attack? (2) 4
9 What is a cache attack? (2) 4
10 What is a cache attack? (2) 4
11 What is a cache attack? (2) 4
12 What is a cache attack? (2) 4
13 Cache attack techniques Most important techniques: Flush+Reload Prime+Probe Both work on the last-level cache across cores 5
14 Flush+Reload Attacker address space Cache Victim address space step 0: attacker maps shared library shared memory, shared in cache 6
15 Flush+Reload Attacker address space Cache Victim address space cached cached step 0: attacker maps shared library shared memory, shared in cache 6
16 Flush+Reload Attacker address space Cache Victim address space flushes step 0: attacker maps shared library shared memory, shared in cache step 1: attacker flushes the shared line 6
17 Flush+Reload Attacker address space Cache Victim address space loads data step 0: attacker maps shared library shared memory, shared in cache step 1: attacker flushes the shared line step 2: victim loads data while performing encryption 6
18 Flush+Reload Attacker address space Cache Victim address space reloads data step 0: attacker maps shared library shared memory, shared in cache step 1: attacker flushes the shared line step 2: victim loads data while performing encryption step 3: attacker reloads data fast access if the victim loaded the line 6
19 Prime+Probe Attacker address space Cache Victim address space step 0: attacker fills the cache (prime) 7
20 Prime+Probe Attacker address space Cache Victim address space step 0: attacker fills the cache (prime) 7
21 Prime+Probe Attacker address space Cache Victim address space step 0: attacker fills the cache (prime) 7
22 Prime+Probe Attacker address space Cache Victim address space loads data step 0: attacker fills the cache (prime) step 1: victim evicts cache lines while performing encryption 7
23 Prime+Probe Attacker address space Cache Victim address space loads data step 0: attacker fills the cache (prime) step 1: victim evicts cache lines while performing encryption 7
24 Prime+Probe Attacker address space Cache Victim address space loads data step 0: attacker fills the cache (prime) step 1: victim evicts cache lines while performing encryption 7
25 Prime+Probe Attacker address space Cache Victim address space loads data step 0: attacker fills the cache (prime) step 1: victim evicts cache lines while performing encryption 7
26 Prime+Probe Attacker address space Cache Victim address space step 0: attacker fills the cache (prime) step 1: victim evicts cache lines while performing encryption 7
27 Prime+Probe Attacker address space Cache Victim address space step 0: attacker fills the cache (prime) step 1: victim evicts cache lines while performing encryption step 2: attacker probes data to determine if the set was accessed 7
28 Prime+Probe Attacker address space Cache Victim address space fast access step 0: attacker fills the cache (prime) step 1: victim evicts cache lines while performing encryption step 2: attacker probes data to determine if the set was accessed 7
29 Prime+Probe Attacker address space Cache Victim address space slow access step 0: attacker fills the cache (prime) step 1: victim evicts cache lines while performing encryption step 2: attacker probes data to determine if the set was accessed 7
30 Caches on Intel CPUs core 0 core 1 core 2 core 3 last-level cache (L3): L1 L2 L3 slice 0 L1 L2 L3 slice 1 L1 L2 L3 slice 2 L1 L2 L3 slice 3 shared inclusive = shared memory is shared in cache, across cores! 8
31 Caches on ARM Cortex-A CPUs core 0 core 1 core 2 core 3 last-level cache (L2): L1 L1 L2 L1 L1 shared but not inclusive = shared memory not in L2 is not shared in cache 9
32 Caches on ARM Cortex-A CPUs core 0 core 1 core 2 core 3 last-level cache (L2): L1 L1 L2 L1 L1 shared but not inclusive = shared memory not in L2 is not shared in cache Challenge #1: non-inclusive caches 9
33 Modern ARM SoCs big.little architecture (A53 + A57) multiple CPUs with no shared cache 10
34 Modern ARM SoCs big.little architecture (A53 + A57) multiple CPUs with no shared cache Challenge #2: no shared cache 10
35 Cache maintenance Instructions to enforce memory coherency x86: unprivileged clflush until ARMv7-A: n/a ARMv8-A: kernel can unlock a flush instruction for userspace 11
36 Cache maintenance Instructions to enforce memory coherency x86: unprivileged clflush until ARMv7-A: n/a ARMv8-A: kernel can unlock a flush instruction for userspace Challenge #3: no flush instruction 11
37 Cache eviction targeted cache eviction on ARM can be complicated: existing approaches introduce much noise pseudo-random replacement policy unclear how randomness affects existing approaches 12
38 Cache eviction targeted cache eviction on ARM can be complicated: existing approaches introduce much noise pseudo-random replacement policy unclear how randomness affects existing approaches Challenge #4: perform fast & reliable cache eviction 12
39 Timing measurements x86: rdtsc provides unprivileged access to cycle count ARM: existing attacks require access to privileged mode cycle counter 13
40 Timing measurements x86: rdtsc provides unprivileged access to cycle count ARM: existing attacks require access to privileged mode cycle counter Challenge #5: find unprivileged highly accurate timing sources 13
41 Challenges #1: non-inclusive caches #2: no shared cache #3: no flush #4: random eviction #5: no unprivileged timing 14
42 Solving #1: non-inclusive caches 15
43 Solving #1: non-inclusive caches Attacking instruction-inclusive data-non-inclusive caches 15
44 Solving #1: non-inclusive caches Attacking instruction-inclusive data-non-inclusive caches Core 0 Core 1 L1I L1D L1I L1D Sets L2 Unified Cache Sets 15
45 Solving #1: non-inclusive caches What about entirely non-inclusive caches? cache coherency protocol fetches data from remote cores instead of DRAM remote cache hits 16
46 Solving #1: non-inclusive caches What about entirely non-inclusive caches? Core 0 Core 1 L1I L1D L1I L1D Sets evict to DRAM L2 Unified Cache Sets 17
47 Solving #1: non-inclusive caches 10 4 Number of accesses Hit (same core) Miss (same core) Hit (cross-core) Miss (cross-core) ,000 Measured access time in CPU cycles (OnePlus One) 18
48 Solving #2: no shared cache Multiple CPUs with no shared cache 19
49 Solving #2: no shared cache Multiple CPUs with no shared cache again: cache coherency protocol fetches data from remote CPUs instead of DRAM keep local L2 filled to increase probability of remote L1/L2 eviction timing difference between local and remote still small enough 19
50 Solving #3: no flush idea: replace flush instruction with cache eviction Flush+Reload Evict+Reload 20
51 Solving #3: no flush idea: replace flush instruction with cache eviction Flush+Reload Evict+Reload (works on x86) 20
52 Solving #3: no flush idea: replace flush instruction with cache eviction Flush+Reload Evict+Reload (works on x86) but: cache eviction is slow and can be unreliable 20
53 Solving #3: no flush idea: replace flush instruction with cache eviction Flush+Reload Evict+Reload (works on x86) but: cache eviction is slow and can be unreliable unless you know how to evict 20
54 Solving #3: no flush idea: replace flush instruction with cache eviction Flush+Reload Evict+Reload (works on x86) but: cache eviction is slow and can be unreliable unless you know how to evict central idea of our Rowhammer.js paper 20
55 Solving #4: random eviction unique addr. # accesses Cycles Eviction rate % % % % % (on the Alcatel One Touch Pop 2) 21
56 Solving #5: no unprivileged timing Comparison of 4 different measurement techniques performance counter (privileged) perf event open (syscall, unprivileged) clock gettime (unprivileged) thread counter (multithreaded, unprivileged) 22
57 Solving #5: no unprivileged timing Number of accesses Hit (PMCCNTR) Miss (PMCCNTR) Hit (syscall.25) Miss (syscall.25) Hit (clock gettime.15) Miss (clock gettime.15) Hit (counter thread.05) Miss (counter thread.05) Measured access time (scaled) 23
58 Flush+Flush on the Samsung Galaxy S Number of cases Flush (address cached) Flush (address not cached) Measured execution time in CPU cycles 24
59 Prime+Probe on the Alcatel One Touch Pop 2 40% 30% Victim access No victim access Cases 20% 10% 0% 1,800 2,000 2,200 2,400 2,600 2,800 3,000 3,200 3,400 Execution time in CPU cycles 25
60 Covert channels on Android Work Type Bandwidth [bps] Error rate Ours (Samsung Galaxy S6) Flush+Reload, cross-core % Ours (Samsung Galaxy S6) Flush+Reload, cross-cpu % Ours (Samsung Galaxy S6) Flush+Flush, cross-core % Ours (Alcatel One Touch Pop 2) Evict+Reload, cross-core % Ours (OnePlus One) Evict+Reload, cross-core % Marforio et al. Type of Intents Marforio et al. UNIX socket discovery Schlegel et al. File locks 685 Schlegel et al. Volume settings 150 Schlegel et al. Vibration settings 87 26
61 Cache template attacks (CTA) Event key longpress swipe tap text 0x840 0x880 0x3280 0x7700 0x8080 0x8100 0x8140 0x8840 0x8880 0x8900 0x8940 0x8980 0x x x11080 Addresses Cache template matrix for libinput.so (on an Alcatel One Touch Pop 2) 27
62 Cache template attacks (CTA) Input alphabet enter space backspace 0x x x x x x x x x66380 Addresses Cache template matrix for the default AOSP keyboard (on a Samsung Galaxy S6) 28
63 CTA: taps and swipes 200 Access time Tap Tap Tap Swipe Swipe Swipe Tap Tap Tap Swipe Swipe Time in seconds measured on an Alcatel One Touch Pop 2 29
64 CTA: taps and swipes 400 Access time 200 Tap Tap Tap Swipe Swipe Swipe Time in seconds measured on a Samsung Galaxy S6 30
65 CTA: taps and swipes 800 Access time Tap Tap Tap Swipe Swipe Swipe Time in seconds measured on measured on a OnePlus One 31
66 CTA: distinguishing keys Key Space Access time t 0 32 h i s Space 1 2 i s Space a Space 3 4 Time in seconds m 5 e s s a 6 g e 7
67 Bouncy Castle a widely used crypto library WhatsApp,... uses a T-table implementation 33
68 Attacking Bouncy Castle 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xA0 0xB0 0xC0 0xD0 0xE0 0xF0 Address Plaintext byte values 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xA0 0xB0 0xC0 0xD0 0xE0 0xF0 Address Plaintext byte values Evict+Reload (Alcatel) vs. Flush+Reload (Samsung) 34
69 Attacking Bouncy Castle with Prime+Probe (Alcatel) Offset 0x240 0x280 0x2C0 0x300 0x340 0x380 0x3C0 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xA0 0xB0 0xC0 0xD0 0xE0 0xF0 Plaintext byte values 35
70 Leakage from ARM TrustZone (RSA signatures) Probing time in CPU cycles Valid key 1 Valid key 2 Valid key 3 Invalid key Set number 36
71 Conclusions all the powerful cache attacks applicable to smartphones monitor user activity with high accuracy derive crypto keys ARM TrustZone leaks through the cache 37
72 ARMageddon: Cache Attacks on Mobile Devices Moritz Lipp, Daniel Gruss, Raphael Spreitzer, Clémentine Maurice, Stefan Mangard Graz University of Technology 38
arxiv: v2 [cs.cr] 19 Jun 2016
ARMageddon: Cache Attacks on Mobile Devices Moritz Lipp, Daniel Gruss, Raphael Spreitzer, Clémentine Maurice, and Stefan Mangard Graz University of Technology, Austria arxiv:1511.04897v2 [cs.cr] 19 Jun
More informationCache Attacks and Rowhammer on ARM
Moritz Lipp, BSc Cache Attacks and Rowhammer on ARM MASTER S THESIS to achieve the university degree of Diplom-Ingenieur Master s degree programme: Computer Science submitted to Graz University of Technology
More informationHello from the Other Side: SSH over Robust Cache Covert Channels in the Cloud
Hello from the Other Side: SSH over Robust Cache Covert Channels in the Cloud Clémentine Maurice, Manuel Weber, Michael Schwarz, Lukas Giner, Daniel Gruss, Carlo Alberto Boano, Stefan Mangard, Kay Römer
More informationAutoLock: Why Cache Attacks on ARM Are Harder Than You Think
AutoLock: Why Cache Attacks on ARM Are Harder Than You Think Marc Green W, Leandro Rodrigues-Lima F, Andreas Zankl F, Gorka Irazoqui W, Johann Heyszl F, and Thomas Eisenbarth W August 18 th 2017 USENIX
More informationPractical Keystroke Timing Attacks in Sandboxed JavaScript
Practical Keystroke Timing Attacks in Sandboxed JavaScript M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Sep 11, 2017 ESORICS 17 Graz University of Technology Motivation Keystroke timing
More informationÉvolution des attaques sur la micro-architecture
Évolution des attaques sur la micro-architecture Clémentine Maurice, CNRS, IRISA 23 Janvier 2019 Journée Nouvelles Avancées en Sécurité des Systèmes d Information, INSA de Toulouse/LAAS-CNRS Attacks on
More informationRowhammer.js: A Remote Software- Induced Fault Attack in Javascript
Rowhammer.js: A Remote Software- Induced Fault Attack in Javascript Daniel Gruss, Clementine Maurice and Stefan Mangard Graz University of Technology, Austria Rowhammer bug (I) Different DRAM cells can
More informationRowhammer.js: Root privileges for web apps?
Rowhammer.js: Root privileges for web apps? Daniel Gruss (@lavados) 1, Clémentine Maurice (@BloodyTangerine) 2 1 IAIK, Graz University of Technology / 2 Technicolor and Eurecom 1 Rennes Graz Clémentine
More informationarxiv: v3 [cs.cr] 5 Apr 2016
Flush+Flush: A Fast and Stealthy Cache Attack Daniel Gruss, Clémentine Maurice, Klaus Wagner, and Stefan Mangard Graz University of Technology, Austria arxiv:1511.04594v3 [cs.cr] 5 Apr 2016 Abstract. Research
More informationFlush+Flush: A Stealthier Last-Level Cache Attack
Flush+Flush: A Stealthier Last-Level Cache Attack Daniel Gruss Graz University of Technology, Austria daniel.gruss@iaik.tugraz.at Clémentine Maurice Technicolor, Rennes, France Eurecom, Sophia-Antipolis,
More informationTruSpy: Cache Side-Channel Information Leakage from the Secure World on ARM Devices
TruSpy: Cache Side-Channel Information Leakage from the Secure World on ARM Devices Ning Zhang, Kun Sun, Deborah Shands Wenjing Lou, Y. Thomas Hou Virginia Polytechnic Institute and State University, VA
More informationFrom bottom to top: Exploiting hardware side channels in web browsers
From bottom to top: Exploiting hardware side channels in web browsers Clémentine Maurice, Graz University of Technology July 4, 2017 RMLL, Saint-Étienne, France Rennes Graz Clémentine Maurice PhD since
More informationLecture 20: Multi-Cache Designs. Spring 2018 Jason Tang
Lecture 20: Multi-Cache Designs Spring 2018 Jason Tang 1 Topics Split caches Multi-level caches Multiprocessor caches 2 3 Cs of Memory Behaviors Classify all cache misses as: Compulsory Miss (also cold-start
More informationWhen Good Turns Evil: Using Intel SGX to Stealthily Steal Bitcoins
When Good Turns Evil: Using Intel SGX to Stealthily Steal Bitcoins Michael Schwarz, Moritz Lipp michael.schwarz@iaik.tugraz.at, moritz.lipp@iaik.tugraz.at Abstract In our talk, we show that despite all
More informationFantastic Timers and Where to Find Them: High-Resolution Microarchitectural Attacks in JavaScript
Fantastic Timers and Where to Find Them: High-Resolution Microarchitectural Attacks in JavaScript Michael Schwarz, Clémentine Maurice, Daniel Gruss, Stefan Mangard Graz University of Technology April 2017
More informationWho am I? Moritz Lipp PhD Graz University of
Who am I? Moritz Lipp PhD student @ Graz University of Technology @mlqxyz moritz.lipp@iaik.tugraz.at 1 Moritz Lipp, Michael Schwarz, Daniel Gruss Graz University of Technology Who am I? Michael Schwarz
More informationSecure Hierarchy-Aware Cache Replacement Policy (SHARP): Defending Against Cache-Based Side Channel Attacks
: Defending Against Cache-Based Side Channel Attacks Mengjia Yan, Bhargava Gopireddy, Thomas Shull, Josep Torrellas University of Illinois at Urbana-Champaign http://iacoma.cs.uiuc.edu Presented by Mengjia
More informationMicro-architectural Attacks. Chester Rebeiro IIT Madras
Micro-architectural Attacks Chester Rebeiro IIT Madras 1 Cryptography Passwords Information Flow Policies Privileged Rings ASLR Virtual Machines and confinement Javascript and HTML5 (due to restricted
More informationAutomated Detection, Exploitation, and Elimination of Double-Fetch Bugs using Modern CPU Features
Automated Detection, Exploitation, and Elimination of Double-Fetch Bugs using Modern CPU Features Michael Schwarz 1, Daniel Gruss 1, Moritz Lipp 1, Clémentine Maurice 2, Thomas Schuster 1, Anders Fogh
More informationExploiting Branch Target Injection. Jann Horn, Google Project Zero
Exploiting Branch Target Injection Jann Horn, Google Project Zero 1 Outline Introduction Reverse-engineering branch prediction Leaking host memory from KVM 2 Disclaimer I haven't worked in CPU design I
More informationJavaScript Zero. Real JavaScript and Zero Side-Channel Attacks. Michael Schwarz, Moritz Lipp, Daniel Gruss
JavaScript Zero Real JavaScript and Zero Side-Channel Attacks Michael Schwarz, Moritz Lipp, Daniel Gruss 20.02.2018 www.iaik.tugraz.at 1 Michael Schwarz, Moritz Lipp, Daniel Gruss www.iaik.tugraz.at Outline
More informationMalware Guard Extension: Using SGX to Conceal Cache Attacks
Malware Guard Extension: Using SGX to Conceal Cache Attacks Michael Schwarz, Samuel Weiser, Daniel Gruss, Clémentine Maurice, and Stefan Mangard Graz University of Technology, Austria Abstract. In modern
More informationarxiv: v1 [cs.cr] 3 Jan 2018
Meltdown arxiv:1801.01207v1 [cs.cr] 3 Jan 2018 Abstract Moritz Lipp 1, Michael Schwarz 1, Daniel Gruss 1, Thomas Prescher 2, Werner Haas 2, Stefan Mangard 1, Paul Kocher 3, Daniel Genkin 4, Yuval Yarom
More informationMeltdown or "Holy Crap: How did we do this to ourselves" Meltdown exploits side effects of out-of-order execution to read arbitrary kernelmemory
Meltdown or "Holy Crap: How did we do this to ourselves" Abstract Meltdown exploits side effects of out-of-order execution to read arbitrary kernelmemory locations Breaks all security assumptions given
More informationBreaking Kernel Address Space Layout Randomization (KASLR) with Intel TSX. Yeongjin Jang, Sangho Lee, and Taesoo Kim Georgia Institute of Technology
Breaking Kernel Address Space Layout Randomization (KASLR) with Intel TSX Yeongjin Jang, Sangho Lee, and Taesoo Kim Georgia Institute of Technology Kernel Address Space Layout Randomization (KASLR) A statistical
More informationMalware Guard Extension: Using SGX to Conceal Cache Attacks (Extended Version)
Malware Guard Extension: Using SGX to Conceal Cache Attacks (Exted Version) Michael Schwarz Graz University of Technology Email: michael.schwarz@iaik.tugraz.at Samuel Weiser Graz University of Technology
More informationSoftware-based Microarchitectural Attacks
Software-based Microarchitectural Attacks Daniel Gruss January 23, 2019 Graz University of Technology Frame Rate of Slide Deck: 11 fps 1 Daniel Gruss Graz University of Technology 1337 4242 Revolutionary
More informationReturn-Oriented Flush-Reload Side Channels on ARM and Their Implications for Android Devices
Return-Oriented Flush-Reload Side Channels on ARM and Their Implications for Android Devices Xiaokuan Zhang Yuan Xiao Yinqian Zhang Department of Computer Science and Engineering The Ohio State University
More informationVirtual Memory. Stefanos Kaxiras. Credits: Some material and/or diagrams adapted from Hennessy & Patterson, Hill, online sources.
Virtual Memory Stefanos Kaxiras Credits: Some material and/or diagrams adapted from Hennessy & Patterson, Hill, online sources. Caches Review & Intro Intended to make the slow main memory look fast by
More informationarxiv: v2 [cs.cr] 30 Nov 2015
Reverse Engineering Intel DRAM Addressing and Exploitation - Work in Progress - arxiv:1511.08756v2 [cs.cr] 30 Nov 2015 Peter Pessl, Daniel Gruss, Clémentine Maurice, Michael Schwarz and Stefan Mangard
More informationLecture 21: Virtual Memory. Spring 2018 Jason Tang
Lecture 21: Virtual Memory Spring 2018 Jason Tang 1 Topics Virtual addressing Page tables Translation lookaside buffer 2 Computer Organization Computer Processor Memory Devices Control Datapath Input Output
More informationLeaky Cauldron on the Dark Land: Understanding Memory Side-Channel Hazards in SGX
Leaky Cauldron on the Dark Land: Understanding Memory Side-Channel Hazards in SGX W. Wang, G. Chen, X, Pan, Y. Zhang, XF. Wang, V. Bindschaedler, H. Tang, C. Gunter. September 19, 2017 Motivation Intel
More informationAttack TrustZone with Rowhammer. Pierre Carru - eshard 2017/04
Attack TrustZone with Rowhammer Pierre Carru - eshard 2017/04 1 Presentation Summary 1. Rowhammer ~10 min 2. TrustZone ~10 min 3. Attack ~10 min 2 Context - Existing Rowhammer Attacks Implementations Intel
More informationSpectre and Meltdown: Data leaks during speculative execution
Spectre and Meltdown: Data leaks during speculative execution Speaker: Jann Horn (Google Project Zero) Paul Kocher (independent) Daniel Genkin (University of Pennsylvania and University of Maryland) Yuval
More informationWho we are. Eshard - Embedded Security Company. Software & Hardware Security. What do we
Who we are Eshard - Embedded Security Company Software & Hardware Security What do we do: Tools: Side Channel / Code Analysis Consultancy Audit Training @eshardnews https://www.eshard.com contact@eshard.com
More informationConstant-Time Callees with Variable-Time Callers. Cesar Pereida Garcı a Billy Bob Brumley Tampere University of Technology Finland
Constant-Time Callees with Variable-Time Callers Cesar Pereida Garcı a Billy Bob Brumley Tampere University of Technology Finland Outline Enabling Cache-Timing Attacks Motivation Brief History of Cache-Timing
More informationStrong and Efficient Cache Side-Channel Protection using Hardware Transactional Memory
Strong and Efficient Cache Side-Channel Protection using Hardware Transactional Memory Daniel Gruss, Graz University of Technology, Graz, Austria; Julian Lettner, University of California, Irvine, USA;
More informationThe Last Mile An Empirical Study of Timing Channels on sel4
The Last Mile An Empirical Study of Timing on David Cock Qian Ge Toby Murray Gernot Heiser 4 November 2014 NICTA Funding and Supporting Members and Partners Outline The Last Mile Copyright NICTA 2014 David
More informationMemory Performance and Cache Coherency Effects on an Intel Nehalem Multiprocessor System
Center for Information ervices and High Performance Computing (ZIH) Memory Performance and Cache Coherency Effects on an Intel Nehalem Multiprocessor ystem Parallel Architectures and Compiler Technologies
More informationChapter 5 (Part II) Large and Fast: Exploiting Memory Hierarchy. Baback Izadi Division of Engineering Programs
Chapter 5 (Part II) Baback Izadi Division of Engineering Programs bai@engr.newpaltz.edu Virtual Machines Host computer emulates guest operating system and machine resources Improved isolation of multiple
More informationMicro-Architectural Attacks and Countermeasures
Micro-Architectural Attacks and Countermeasures Çetin Kaya Koç koc@cs.ucsb.edu Çetin Kaya Koç http://koclab.org Winter 2017 1 / 25 Contents Micro-Architectural Attacks Cache Attacks Branch Prediction Attack
More informationCSE502: Computer Architecture CSE 502: Computer Architecture
CSE 502: Computer Architecture Memory Hierarchy & Caches Motivation 10000 Performance 1000 100 10 Processor Memory 1 1985 1990 1995 2000 2005 2010 Want memory to appear: As fast as CPU As large as required
More informationASSIGNMENT 9: CACHE MEMORY NAME. Assume we are building a cache for a memory system that s just 16 bytes big 4 address bits.
. SSIGNMNT : H MMORY NM PROLM : -YT H OR -YT MMORY. ssume we are building a cache for a memory system that s just bytes big address bits. We will make a direct mapped cache that has four set, so there
More informationELE 758 * DIGITAL SYSTEMS ENGINEERING * MIDTERM TEST * Circle the memory type based on electrically re-chargeable elements
ELE 758 * DIGITAL SYSTEMS ENGINEERING * MIDTERM TEST * Student name: Date: Example 1 Section: Memory hierarchy (SRAM, DRAM) Question # 1.1 Circle the memory type based on electrically re-chargeable elements
More informationSpring 2016 :: CSE 502 Computer Architecture. Caches. Nima Honarmand
Caches Nima Honarmand Motivation 10000 Performance 1000 100 10 Processor Memory 1 1985 1990 1995 2000 2005 2010 Want memory to appear: As fast as CPU As large as required by all of the running applications
More informationM2351 Security Architecture. TrustZone Technology for Armv8-M Architecture
Architecture TrustZone Technology for Armv8-M Architecture Outline NuMicro Architecture TrustZone for Armv8-M Processor Core, Interrupt Handling, Memory Partitioning, State Transitions. TrustZone Implementation
More informationCurious case of Rowhammer: Flipping Secret Exponent Bits using Timing Analysis
Curious case of Rowhammer: Flipping Secret Exponent Bits using Timing Analysis Sarani Bhattacharya and Debdeep Mukhopadhyay Indian Institute of Technology Kharagpur CHES 2016 August 19, 2016 Objective
More informationPage 1. Multilevel Memories (Improving performance using a little cash )
Page 1 Multilevel Memories (Improving performance using a little cash ) 1 Page 2 CPU-Memory Bottleneck CPU Memory Performance of high-speed computers is usually limited by memory bandwidth & latency Latency
More informationChapter 8 Virtual Memory
Chapter 8 Virtual Memory Digital Design and Computer Architecture: ARM Edi*on Sarah L. Harris and David Money Harris Digital Design and Computer Architecture: ARM Edi>on 215 Chapter 8 Chapter 8 ::
More informationCS 261 Fall Caching. Mike Lam, Professor. (get it??)
CS 261 Fall 2017 Mike Lam, Professor Caching (get it??) Topics Caching Cache policies and implementations Performance impact General strategies Caching A cache is a small, fast memory that acts as a buffer
More informationCurious case of Rowhammer: Flipping Secret Exponent Bits using Timing Analysis
Curious case of Rowhammer: Flipping Secret Exponent Bits using Timing Analysis Sarani Bhattacharya 1 and Debdeep Mukhopadhyay 1 Department of Computer Science and Engineering Indian Institute of Technology,
More informationECE331 Homework 4. Due Monday, August 13, 2018 (via Moodle)
ECE331 Homework 4 Due Monday, August 13, 2018 (via Moodle) 1. Below is a list of 32-bit memory address references, given as hexadecimal byte addresses. The memory accesses are all reads and they occur
More informationVirtual Memory 1. Virtual Memory
Virtual Memory 1 Virtual Memory key concepts virtual memory, physical memory, address translation, MMU, TLB, relocation, paging, segmentation, executable file, swapping, page fault, locality, page replacement
More informationVirtual Memory 1. Virtual Memory
Virtual Memory 1 Virtual Memory key concepts virtual memory, physical memory, address translation, MMU, TLB, relocation, paging, segmentation, executable file, swapping, page fault, locality, page replacement
More informationRealistic Memories and Caches
Realistic Memories and Caches Li-Shiuan Peh Computer Science & Artificial Intelligence Lab. Massachusetts Institute of Technology L13-1 Three-Stage SMIPS Epoch Register File stall? PC +4 fr Decode Execute
More informationCache Performance and Memory Management: From Absolute Addresses to Demand Paging. Cache Performance
6.823, L11--1 Cache Performance and Memory Management: From Absolute Addresses to Demand Paging Asanovic Laboratory for Computer Science M.I.T. http://www.csg.lcs.mit.edu/6.823 Cache Performance 6.823,
More informationCavium ThunderX2 CN99XX PMU Events (Abridged) July 31, 2018
Cavium ThunderX2 CN99XX PMU s (Abridged) July 31, 2018 1 Introduction The ARM architecture defines several events as part of the Performance Monitor Unit (PMU) Extension. The Cavium ThunderX2 CN99XX processor
More informationMo Money, No Problems: Caches #2...
Mo Money, No Problems: Caches #2... 1 Reminder: Cache Terms... Cache: A small and fast memory used to increase the performance of accessing a big and slow memory Uses temporal locality: The tendency to
More informationWait a minute! A fast, Cross-VM attack on AES
Wait a minute! A fast, Cross-VM attack on AES Gorka Irazoqui, Mehmet Sinan Inci, Thomas Eisenbarth, and Berk Sunar Worcester Polytechnic Institute, Worcester, MA, USA {girazoki,msinci,teisenbarth,sunar}@wpi.edu
More informationWhy memory hierarchy? Memory hierarchy. Memory hierarchy goals. CS2410: Computer Architecture. L1 cache design. Sangyeun Cho
Why memory hierarchy? L1 cache design Sangyeun Cho Computer Science Department Memory hierarchy Memory hierarchy goals Smaller Faster More expensive per byte CPU Regs L1 cache L2 cache SRAM SRAM To provide
More informationLeaky Cauldron on the Dark Land: Understanding Memory Side-Channel Hazards in SGX
Leak Cauldron on the Dark Land: Understanding Memor Side-Channel Hazards in SGX 1,4 Wenhao Wang, 2 Guoxing Chen, 1 Xiaorui Pan, 2 Yinqian Zhang, 1 XiaoFeng Wang, 3 Vincent Bindschaedler, 1 Haixu Tang and
More informationThe Story of Meltdown and Spectre. Jann Horn & Daniel Gruss May 17, 2018
The Story of Meltdown and Spectre Jann Horn & Daniel Gruss May 17, 2018 1 Who are we Jann Horn Google Project Zero jannh@google.com 2 Who are we Daniel Gruss Post-Doc @ Graz University Of Technology @lavados
More informationCross Processor Cache Attacks
Cross Processor Cache Attacks Gorka Irazoqui Worcester Polytechnic Institute girazoki@wpi.edu Thomas Eisenbarth Worcester Polytechnic Institute teisenbarth@wpi.edu Berk Sunar Worcester Polytechnic Institute
More informationRevAnC: A Framework for Reverse Engineering Hardware Page Table Caches
RevAnC: A Framework for Reverse Engineering Hardware Page Table Caches Stephan van Schaik stephan@synkhronix.com Kaveh Razavi kaveh@cs.vu.nl Ben Gras beng@cs.vu.nl ABSTRACT Herbert Bos herbertb@cs.vu.nl
More informationS$A: A Shared Cache Attack that Works Across Cores and Defies VM Sandboxing and its Application to AES
2015 IEEE Symposium on Security and Privacy S$A: A Shared Cache Attack that Works Across Cores and Defies VM Sandboxing and its Application to AES Gorka Irazoqui Worcester Polytechnic Institute Worcester,USA
More informationVirtual Memory. Patterson & Hennessey Chapter 5 ELEC 5200/6200 1
Virtual Memory Patterson & Hennessey Chapter 5 ELEC 5200/6200 1 Virtual Memory Use main memory as a cache for secondary (disk) storage Managed jointly by CPU hardware and the operating system (OS) Programs
More information14 May 2012 Virtual Memory. Definition: A process is an instance of a running program
Virtual Memory (VM) Overview and motivation VM as tool for caching VM as tool for memory management VM as tool for memory protection Address translation 4 May 22 Virtual Memory Processes Definition: A
More informationLogical Diagram of a Set-associative Cache Accessing a Cache
Introduction Memory Hierarchy Why memory subsystem design is important CPU speeds increase 25%-30% per year DRAM speeds increase 2%-11% per year Levels of memory with different sizes & speeds close to
More informationIntroduction. Memory Hierarchy
Introduction Why memory subsystem design is important CPU speeds increase 25%-30% per year DRAM speeds increase 2%-11% per year 1 Memory Hierarchy Levels of memory with different sizes & speeds close to
More informationCacheZoom: How SGX Amplifies The Power of Cache Attacks
CacheZoom: How SGX Amplifies The Power of Cache Attacks Ahmad Moghimi, Gorka Irazoqui, and Thomas Eisenbarth Worcester Polytechnic Institute, Worcester, MA, USA {amoghimi,girazoki,teisenbarth}@wpi.edu
More informationPortland State University ECE 587/687. Caches and Memory-Level Parallelism
Portland State University ECE 587/687 Caches and Memory-Level Parallelism Revisiting Processor Performance Program Execution Time = (CPU clock cycles + Memory stall cycles) x clock cycle time For each
More informationCS 6354: Memory Hierarchy I. 29 August 2016
1 CS 6354: Memory Hierarchy I 29 August 2016 Survey results 2 Processor/Memory Gap Figure 2.2 Starting with 1980 performance as a baseline, the gap in performance, measured as the difference in the time
More informationCS 537: Introduction to Operating Systems Fall 2015: Midterm Exam #1
CS 537: Introduction to Operating Systems Fall 2015: Midterm Exam #1 This exam is closed book, closed notes. All cell phones must be turned off. No calculators may be used. You have two hours to complete
More informationTopics to be covered. EEC 581 Computer Architecture. Virtual Memory. Memory Hierarchy Design (II)
EEC 581 Computer Architecture Memory Hierarchy Design (II) Department of Electrical Engineering and Computer Science Cleveland State University Topics to be covered Cache Penalty Reduction Techniques Victim
More informationVirtual Memory. CS61, Lecture 15. Prof. Stephen Chong October 20, 2011
Virtual Memory CS6, Lecture 5 Prof. Stephen Chong October 2, 2 Announcements Midterm review session: Monday Oct 24 5:3pm to 7pm, 6 Oxford St. room 33 Large and small group interaction 2 Wall of Flame Rob
More informationProf. Hakim Weatherspoon CS 3410, Spring 2015 Computer Science Cornell University. See P&H Chapter: , 5.8, 5.10, 5.15; Also, 5.13 & 5.
Prof. Hakim Weatherspoon CS 3410, Spring 2015 Computer Science Cornell University See P&H Chapter: 5.1-5.4, 5.8, 5.10, 5.15; Also, 5.13 & 5.17 Writing to caches: policies, performance Cache tradeoffs and
More informationSide-Channel Attacks on Intel SGX: How SGX Amplifies The Power of Cache Attacks
Side-Channel Attacks on Intel SGX: How SGX Amplifies The Power of Cache Attacks by Ahmad Moghimi A Thesis Submitted to the Faculty of the WORCESTER POLYTECHNIC INSTITUTE In partial fulfillment of the requirements
More informationCauldron: A Framework to Defend Against Cache-based Side-channel Attacks in Clouds
Cauldron: A Framework to Defend Against Cache-based Side-channel Attacks in Clouds Mohammad Ahmad, Read Sprabery, Konstantin Evchenko, Abhilash Raj, Dr. Rakesh Bobba, Dr. Sibin Mohan, Dr. Roy Campbell
More informationExploiting Data-Usage Statistics for Website Fingerprinting Attacks on Android
S C I E N C E P A S S I O N T E C H N O L O G Y Exploiting Data-Usage Statistics for Website Fingerprinting Attacks on Android Raphael Spreitzer, Simone Griesmayr, Thomas Korak, and Stefan Mangard IAIK,
More informationBinghamton University. CS-220 Spring Cached Memory. Computer Systems Chapter
Cached Memory Computer Systems Chapter 6.2-6.5 Cost Speed The Memory Hierarchy Capacity The Cache Concept CPU Registers Addresses Data Memory ALU Instructions The Cache Concept Memory CPU Registers Addresses
More informationF28HS Hardware-Software Interface: Systems Programming
F28HS Hardware-Software Interface: Systems Programming Hans-Wolfgang Loidl School of Mathematical and Computer Sciences, Heriot-Watt University, Edinburgh Semester 2 2017/18 0 No proprietary software has
More informationCSE 127 Computer Security
CSE 127 Computer Security Stefan Savage, Spring 2018, Lecture 19 Hardware Security: Meltdown, Spectre, Rowhammer Vulnerabilities and Abstractions Abstraction Reality Vulnerability Review: ISA and µarchitecture
More informationSarah L. Harris and David Money Harris. Digital Design and Computer Architecture: ARM Edition Chapter 8 <1>
Chapter 8 Digital Design and Computer Architecture: ARM Edition Sarah L. Harris and David Money Harris Digital Design and Computer Architecture: ARM Edition 215 Chapter 8 Chapter 8 :: Topics Introduction
More informationPRIME+ABORT: A Timer-Free High-Precision L3 Cache Attack using Intel TSX
PRIME+ABORT: A Timer-Free High-Precision L3 Cache Attack using Intel TSX Craig Disselkoen, David Kohlbrenner, Leo Porter, and Dean Tullsen University of California, San Diego {cdisselk, dkohlbre}@cs.ucsd.edu,
More informationPerformance is awesome!
Acknowledgements I Background music for the choir song kindly provided by Kerbo-Kev. Cooking photos kindly provided by Becca Lee (ladyfaceblog). Santa Clause images by http://www.thevectorart.com/ Some
More informationCSE 351. Virtual Memory
CSE 351 Virtual Memory Virtual Memory Very powerful layer of indirection on top of physical memory addressing We never actually use physical addresses when writing programs Every address, pointer, etc
More informationEmbedded System Design
Embedded System Design Lecture 5 Jaeyong Chung System-on-Chips (SoC) Laboratory Incheon National University What We Have Covered So Far Instruction Set Architecture How CPU interacts with I/O controllers
More informationVlsi Modelling Of Side Channel Attacks On Modern Processors
RESEARCH ARTICLE OPEN ACCESS Vlsi Modelling Of Side Channel Attacks On Modern Processors M. Denesh Kumr 1, G. Dilli Rani 2, V. Thrimurthulu 3 1 II M.Tech VLSI SD Student, CR Engineering College, Tirupathi,
More informationSpectre Returns! Speculation Attacks Using Return Stack Buffer
Spectre Returns! Speculation Attacks Using Return Stack Buffer Esmaeil Mohammadian, Khaled N. Khasawneh, Chengyue Song and Nael Abu-Ghazaleh University of California, Riverside WOOT 2018 BALTIMORE, USA
More informationCray XE6 Performance Workshop
Cray XE6 Performance Workshop Mark Bull David Henty EPCC, University of Edinburgh Overview Why caches are needed How caches work Cache design and performance. 2 1 The memory speed gap Moore s Law: processors
More informationWhat is Cache Memory? EE 352 Unit 11. Motivation for Cache Memory. Memory Hierarchy. Cache Definitions Cache Address Mapping Cache Performance
What is EE 352 Unit 11 Definitions Address Mapping Performance memory is a small, fast memory used to hold of data that the processor will likely need to access in the near future sits between the processor
More informationHow to create a process? What does process look like?
How to create a process? On Unix systems, executable read by loader Compile time runtime Ken Birman ld loader Cache Compiler: generates one object file per source file Linker: combines all object files
More informationShow Me the $... Performance And Caches
Show Me the $... Performance And Caches 1 CPU-Cache Interaction (5-stage pipeline) PCen 0x4 Add bubble PC addr inst hit? Primary Instruction Cache IR D To Memory Control Decode, Register Fetch E A B MD1
More informationImproving Cache Performance and Memory Management: From Absolute Addresses to Demand Paging. Highly-Associative Caches
Improving Cache Performance and Memory Management: From Absolute Addresses to Demand Paging 6.823, L8--1 Asanovic Laboratory for Computer Science M.I.T. http://www.csg.lcs.mit.edu/6.823 Highly-Associative
More informationCS 152 Computer Architecture and Engineering. Lecture 11 - Virtual Memory and Caches
CS 152 Computer Architecture and Engineering Lecture 11 - Virtual Memory and Caches Krste Asanovic Electrical Engineering and Computer Sciences University of California at Berkeley http://www.eecs.berkeley.edu/~krste
More informationRuntime Integrity Checking for Exploit Mitigation on Embedded Devices
Runtime Integrity Checking for Exploit Mitigation on Embedded Devices Matthias Neugschwandtner IBM Research, Zurich eug@zurich.ibm.com Collin Mulliner Northeastern University, Boston collin@mulliner.org
More informationarxiv: v2 [cs.cr] 20 Aug 2017
CacheZoom: How SGX Amplifies The Power of Cache Attacks arxiv:1703.06986v2 [cs.cr] 20 Aug 2017 Ahmad Moghimi Worcester Polytechnic Institute amoghimi@wpi.edu Abstract In modern computing environments,
More informationCACHE MEMORIES ADVANCED COMPUTER ARCHITECTURES. Slides by: Pedro Tomás
CACHE MEMORIES Slides by: Pedro Tomás Additional reading: Computer Architecture: A Quantitative Approach, 5th edition, Chapter 2 and Appendix B, John L. Hennessy and David A. Patterson, Morgan Kaufmann,
More informationImplementing Secure Software Systems on ARMv8-M Microcontrollers
Implementing Secure Software Systems on ARMv8-M Microcontrollers Chris Shore, ARM TrustZone: A comprehensive security foundation Non-trusted Trusted Security separation with TrustZone Isolate trusted resources
More informationSecuring High-performance RISC-V Processors from Time Speculation Christopher Celio, Jose Renau Esperanto Technologies {christopher.
Securing High-performance RISC-V Processors from Time Speculation Christopher Celio, Jose Renau Esperanto Technologies {christopher.celio, jose.renau} @esperantotech.com 8th RISC-V Workshop Barcelona,
More information