ScrambleCache
Enhanced security for processors cache memories
Cache memories reduce the access time between the main memory and the processor. They are vulnerable to cache timing attacks, which can be used to obtain sensitive data or encryption keys. ScrambleCache is a hardware countermeasure that improves the two most commonly used security mechanisms: randomization and cache partitioning. Its efficiency was proven by using a write-through cache memory. It was demonstrated using FPGA with the RISC-V CVA6 processor and two patents were filed.
What's new?
While randomization and partitioning help protect cache memories, they also slow down processors. ScrambleCache reduces this latency:
-
Thanks to randomization (i.e. adding pseudo-random variables that bias an attacker's observation of memory access times): adds a randomization history table and associated application identifiers in order to avoid routinely clearing and reloading the cache.
-
Thanks to partitioning (i.e. the distribution of data in various areas of memory): uses dynamic and therefore variable partitioning as well as a check of legitimacy for each application on every piece of data. This reduces the need to reload data that is shared by several applications.
| What to expect in the future?
-
Optimize ScrambleCache for write-back cache and evaluate it on ASIC.
- Benchmark ScrambleCache with various Linux OS applications to confirm its reduced impact on access times (already demonstrated through simulation).
|