RELOAD+REFRESH: Abusing Cache Replacement Policies to Perform Stealthy Cache Attacks (1904.06278v1)

Abstract: Caches have become the prime method for unintended information extraction across logical isolation boundaries. Even Spectre and Meltdown rely on the cache side channel, as it provides great resolution and is widely available on all major CPU platforms. As a consequence, several methods to stop cache attacks by detecting them have been proposed. Detection is strongly aided by the fact that observing cache activity of co-resident processes is not possible without altering the cache state and thereby forcing evictions on the observed processes. In this work, we show that this widely held assumption is incorrect. Through clever usage of the cache replacement policy it is possible to track a victims process cache accesses without forcing evictions on the victim's data. Hence, online detection mechanisms that rely on these evictions can be circumvented as they do not detect be the introduced RELOAD+REFRESH attack. The attack requires a profound understanding of the cache replacement policy. We present a methodology to recover the replacement policy and apply it to the last five generations of Intel processors. We further show empirically that the performance of RELOAD+REFRESH on cryptographic implementations is comparable to that of other widely used cache attacks, while its detectability becomes extremely difficult, due to the negligible effect on the victims cache access pattern.

Overview of "RELOAD+REFRESH: Abusing Cache Replacement Policies to Perform Stealthy Cache Attacks"

The paper entitled "RELOAD+REFRESH: Abusing Cache Replacement Policies to Perform Stealthy Cache Attacks" presents an in-depth paper on cache replacement policies within recent generations of Intel processors, as well as introduces a novel cache side-channel attack method termed RELOAD+REFRESH. This research reveals critical insights into the complexities of cache management, specifically addressing vulnerabilities arising from cache eviction strategies.

Technical Novelty and Findings

The paper meticulously reverse engineers the cache replacement policies across various Intel processor generations. The authors uncover that these architectures operate using a Quad-Age LRU policy, characterized by two bits for aging control that profoundly influence replacement decisions. This revelation challenges previous assumptions about Intel's cache policies and provides an empirical basis for understanding cache eviction mechanisms across fourth to eighth generations of Intel processors.

The primary contribution of the research is the introduction of the RELOAD+REFRESH attack, which exploits the deterministic nature of these cache replacement policies. Unlike traditional cache attacks such as FLUSH+RELOAD and PRIME+PROBE, RELOAD+REFRESH enables an adversary to monitor cache accesses without inducing cache evictions on the victim, therefore evading existing detection systems that rely on such evictions as indicators of an ongoing attack.

Through detailed experimentation, the authors demonstrate the attack's effectiveness in extracting cryptographic keys from AES T-Table implementations and monitoring RSA's square-and-multiply algorithm. Their results showcase that RELOAD+REFRESH achieves comparable precision to state-of-the-art cache attacks while maintaining near-stealth operation, thus posing significant challenges for detection.

Methodological Insights

The paper outlines a comprehensive method for determining cache replacement policies through a series of experiments that predict eviction candidates with high accuracy. This approach leverages the controlled modification and measurement of cache line states to derive and validate the replacement policy configurations. The methodology promises applicability in evaluating policies across different processors and architectures, potentially guiding future research in cache management and security.

Implications and Future Directions

The findings have noteworthy implications for both theoretical exploration and practical interventions in cybersecurity. From a theoretical standpoint, the accurate reverse engineering of cache policies advances the understanding of microarchitectural intricacies and their role in processor performance and security. Practically, the proposed attack model underscores the need for rethinking current detection frameworks which often focus on cache miss patterns. Subsequent research might focus on developing more sophisticated detection systems that account for non-obvious adversary behaviors like those exemplified by RELOAD+REFRESH.

Furthermore, the paper raises important questions about the evolution of cache architectures and the commensurate security measures required to safeguard sensitive operations against increasingly stealthy adversarial methods. Future developments in cloud computing, IoT devices, and distributed systems will need to incorporate adaptive security strategies to mitigate the risks posed by advanced cache side-channel attacks.

In conclusion, this paper offers significant advancements in cache attack strategies and detection systems. The exposition of Intel's Quad-Age LRU policy and the origination of RELOAD+REFRESH represent substantial contributions to the microarchitectural security domain, warranting attention from researchers focused on hardware security and optimization.