English

BackCache: Mitigating Contention-Based Cache Timing Attacks by Hiding Cache Line Evictions

Cryptography and Security 2024-06-13 v5 Hardware Architecture

Abstract

Caches are used to reduce the speed differential between the CPU and memory to improve the performance of modern processors. However, attackers can use contention-based cache timing attacks to steal sensitive information from victim processes through carefully designed cache eviction sets. And L1 data cache attacks are widely exploited and pose a significant privacy and confidentiality threat. Existing hardware-based countermeasures mainly focus on cache partitioning, randomization, and cache line flushing, which unfortunately either incur high overhead or can be circumvented by sophisticated attacks. In this paper, we propose a novel hardware-software co-design called BackCache with the idea of always achieving cache hits instead of cache misses to mitigate contention-based cache timing attacks on the L1 data cache. BackCache places the evicted cache lines from the L1 data cache into a fully-associative backup cache to hide the evictions. To improve the security of BackCache, we introduce a randomly used replacement policy (RURP) and a dynamic backup cache resizing mechanism. We also present a theoretical security analysis to demonstrate the effectiveness of BackCache. Our evaluation on the gem5 simulator shows that BackCache can degrade the performance by 2.61%, 2.66%, and 3.36% For OS kernel, single-thread, and multi-thread benchmarks.

Keywords

Cite

@article{arxiv.2304.10268,
  title  = {BackCache: Mitigating Contention-Based Cache Timing Attacks by Hiding Cache Line Evictions},
  author = {Quancheng Wang and Xige Zhang and Han Wang and Yuzhe Gu and Ming Tang},
  journal= {arXiv preprint arXiv:2304.10268},
  year   = {2024}
}

Comments

14 pages, 13 figures, 6 tables

R2 v1 2026-06-28T10:12:22.502Z