Analysis and design of microarchitectural side-channel attacks and countermeasures

  1. Briongos Herrero, Samira
Supervised by:
  1. José Manuel Moya Fernández Supervisor
  2. Pedro José Malagón Marzo Co-supervisor

Defending university: Universidad Politécnica de Madrid

Date of defense: 29 November 2019

Examining committee:
  1. Katzalin Olcoz Chair
  2. Patricia Arroba García Secretary
  3. Marco Guarnieri Member
  4. Francisco Javier García Blas Member
  5. Boris Köpf Member

Type: Thesis

Abstract

Nowadays, computer systems are highly optimized to achieve the maximum performance that the existing fabrication technologies allow. Each processor includes multiple cores and even multiple threads per core, components that allow it to predict the execution path before it is actually taken, shared resources that are efficiently managed, and so on. These optimized systems have enabled a number of technologies that facilitate our daily tasks, such as cloud computing. However, computer designers did not consider that these microarchitectural improvements can open a back door for malicious agents. The very components that enhance performance introduce, at the same time, measurable side effects on the system that an adversary can exploit to retrieve secret information from the processes running on it. As has been demonstrated, the hardware itself can undermine the security of a system. The attacks that exploit these side effects are known as side-channel attacks; in particular, as microarchitectural side-channel attacks. In recent years, these attacks have gained increasing attention from the research community because of their ability to extract private information from their victims with great resolution in a relatively short time. Moreover, these attacks do not damage the hardware on which they run, require no special privilege to succeed, and are not identified as malicious by most anti-virus software. Researchers have used microarchitectural side channels to retrieve AES, RSA and ECDSA cryptographic keys, among other private information, by exploiting the shared hardware, even across Virtual Machines (VMs) allocated on the same host. This research analyzes the leakage mechanisms in current microprocessors that run different processes in parallel. Specifically, we focus mainly on the Last Level Cache, which is shared across all the cores.
Consequently, a malicious process or VM running on one core can use the cache to influence the behavior of any other process or VM running on the same machine and infer information about it. The main goal of this Ph.D. Thesis is to improve the security of the cyber-physical systems that manipulate and store private information. In order to design proper countermeasures that avoid or minimize the leakage, a complete understanding of the leaking mechanisms and their root causes is required. Thus, in this work, we dive into the details of the cache architecture and successfully retrieve the replacement policy implemented in Intel processors. We analyze state-of-the-art cache attacks and demonstrate that they alter the normal behavior of a system. Based on this observation, we develop highly reliable detection-based countermeasures that introduce negligible overhead in the system and that any user can enable at will. Additionally, this work considers and evaluates other sources of information. For instance, we show how the variations in the performance of a test process can be exploited to determine the total CPU load of the system. We also demonstrate that known attacks have been underestimated, by significantly reducing the number of samples required for an attack to succeed. Furthermore, we use the acquired knowledge to design new attacks that circumvent some proposed countermeasures, such as detection-based countermeasures or data prefetching. Finally, this work includes a seminal proposal of a security-aware allocation policy with which to implement a cloud computing task scheduler. The allocation strategy incorporates the knowledge acquired during this Ph.D. Thesis, including the detection mechanisms, into the Virtual Machine consolidation algorithm. The policy takes into account the confidence and reputation of the clients and of the Virtual Machines to reduce conflicts when co-locating them, reducing the risk of suffering a side-channel attack, and acts when an attack is detected.