Seminars

View all Seminars  |  Download ICal for this event

Securing Processors against Side-Channel Attacks: CPU Caches, Schedulers, and Beyond!

Series: Department Seminar

Speaker: Prof. Gururaj Saileshwar University of Toronto

Date/Time: Dec 05 15:00:00

Location: CSA Seminar Hall (Room No. 254, First Floor)

Abstract:
In recent years, micro-architectural side-channel attacks have emerged as a unique and potent threat to security and privacy. Identifying these side-channels is difficult as they often originate from undocumented hardware structures. Moreover, their root-cause lies in crucial hardware performance optimizations, making low overhead mitigation challenging. This talk will focus on both discovery of new attacks and new low-cost defenses.

First, I will discuss CPU cache-side-channel attacks, originating from cache-set conflicts. Such attacks can leak keys from encryption algorithms, cause privacy breaches like user activity fingerprinting, etc. Recently, many randomized cache defenses have been proposed as mitigations, but they have been broken by adaptive attacks. To fundamentally address this problem, we propose MIRAGE [SEC�??21], a defense that eliminates set-conflicts with an abstraction of a fully associative cache. It achieves this practically with a set-associative design at less than 2% slowdown using Power-of-2-Random-Choices based load-balancing. While 2018 to 2020 saw 5 different defenses broken by 6 attacks, MIRAGE since 2020 has been unbroken.

Next, I will discuss a new side-channel vulnerability we discovered in AMD CPUs (Zen 2 & 3), called SQUIP [SP�??23]. This work discovered a vulnerability with shared scheduler queues in multi-threaded AMD CPUs. We demonstrated a side-channel attack exploiting scheduler queue contention that can leak a 4096-bit RSA key across SMT-threads. The vulnerability was acknowledged by AMD and assigned CVE-2021- 46778.

Speaker Bio:
Gururaj Saileshwar is an Assistant Professor at the University of Toronto, Dept of Computer Science. His research is at the intersection of computer architecture and security, with interests in micro-architectural side-channels, DRAM Rowhammer attacks, and trusted execution environments. His work has received an IEEE HPCA Best Paper Award, an IEEE Micro Top Picks Honorable Mention, and his 2022 PhD dissertation has been recognized with an IEEE HOST Best PhD Dissertation Award, an IEEE TCCA / ACM SIGARCH Best Dissertation Award (Honorable Mention), and ACM SIGMICRO Dissertation Award (Honorable Mention).

Host Faculty: Arkaprava Basu