Title:  Architecting Secure Processor Caches

Committee:

Dr. Moin Qureshi, CoC, Advisor

Dr. Tushar Krishna, ECE

Dr. Taesoo Kim, CoC

Dr. Milos Prvulovic, CoC

Dr. Christopher Fletcher, UIUC

Abstract: Processor caches enable fast access to data and are a major source of performance gains in modern processors. However, shared caches lead to serious security vulnerabilities like cache side channel attacks. In such attacks, cache interactions between a victim and a malicious process have been shown to leak encryption keys, user-sensitive data such as browsing histories and even confidential intellectual property such as machine-learning models. This thesis addresses the gap in the understanding of the capabilities of such attacks, and the lack of principled and practical solutions to mitigate them. First, this thesis investigates the capabilities of attackers and in the process develops a new cache attack called Streamline, that is considerably faster than current state-of-the-art attacks. Streamline reaches bitrates of more than 1MB/s, while being applicable to a broader class of processors than prior attacks. Second, this thesis develops a principled and practical defense using cache randomization, called MIRAGE. MIRAGE provides the security of a fully-associative design and eliminates set-conflict based cache side channels while preserving practical lookups. While 5 different randomized cache defenses were recently broken, MIRAGE has remained unbroken so far. Third, this thesis explores a practical cache partitioning defense to eliminate all potential cache side channels, with Bespoke Cache Enclaves. Bespoke provides 500+ simultaneous partitions of customizable sizes, surpassing practical limitations of prior works using way or set-partitioning, which only provide small number of partitions or partitions that are inflexible in size. Finally, this thesis develops solutions to harden caches against new forms of side-channel leakage via transient execution attacks like Spectre and Meltdown. This work develops CleanupSpec, a low overhead approach to roll back or randomize speculative changes to the cache to prevent exploitation of caches in such attacks. In summary, the solutions developed in this thesis enable security against side-channels for future processors while retaining a majority of the performance and practicality benefits of shared caches.