CPU Caches are powerful sources of information leakage. To develop practical Cache-based attacks, the need for automation of the process of finding exploitable Cachebased side-channels in computer systems is felt more than ever. Cache template attack is a generic technique that utilizes Flush+Reload attack in order to automatically exploit Cache vulnerability of Intel platforms. Cache template attack on the T-table-based AES implementation consists of two phases including the pro, ling phase and key exploitation phase. Pro, ling is a preprocessing phase to monitor dependencies between the secret key and behavior of the Cache memory. In addition, the addresses of T-tables can be obtained automatically. At the key exploitation phase, Most Significant Bits (MSBs) of the secret key bytes are retrieved by monitoring the exploitable addresses. This study proposed a simple yet effective searching technique, which accelerates the pro, ling phase by a factor of utmost 64. In order to verify the theoretical model of our technique, the mentioned attack on AES was implemented. The experimental results revealed that the pro, ling phase runtime of the Cache template attack was approximately 10 minutes, while the proposed method could speed up the running of this phase up to almost 9 seconds.

The template attack is one of the most e cient attacks for exploiting the secret key. template-based attack extracts a model for the behavior of side channel information from a device that is similar to the target device and then uses this model to retrieve the correct key on the target victim device. Until now, many researchers have focused on improving the performance of template attacks, but recently, a few countermeasures have been proposed to protect the design against these attacks. On the other hand, researches show that regular countermeasures against these attacks are costly. Randomized shu ing in the time domain is known as a cost-e ective countermeasure against side-channel attacks that are widely used. In this article, we implemented an actual template attack and proposed an e cient countermeasure against it. We focus on the time shifting method against template attack. The results show that template attack is very susceptible to this method. The performance of attack on an AES algorithm is considerably reduced with this method. We reported the analysis results of our countermeasure. The performance of the attack can be determined according to various criteria. One of these criteria is the success rate of the attack. According to these results, template attack will be hardened signi cantly after the proposed protection such that the grade of the key recovery increases from 1 with 350K traces in unprotected design to 2 100 with 700K traces in the protected circuit. This security improvement gains in the cost of about 7% delay overhead.

Access-driven attacks are a series of Cache-based attacks using fewer measurement samples to extract sensitive key values due to the ability of the attacker to evict or access Cache lines compared to the other attacks based on this feature. Knowledge of address offset for the corresponding data blocks in cryptographic libraries is a prerequisite for an adversary to reload or evict Cache lines in Intel processors. Preventing the access of attackers to the address offsets can potentially be a countermeasure to mitigate access-driven attacks. In this paper, we demonstrate how to perform the Evict+Time attack on Intel x86 CPUs without any privilege of knowing address offsets.

Last level Cache (LLC) management can considerably improve the performance of Chip Multi Processors (CMPs) by reducing the miss rate and decreasing the average L1 miss latency. LLC management approaches try to either map data to Caches which are closer to cores, or exploit Caches of neighboring cores to increase performance and reduce off-chip misses. To reduce the miss rate, we need to use Cache slices of the other cores in NUCA architectures, but it increases the average L1 miss latency since the data to be accessed by cores are located in remote Cache slices. As a result, designing an intelligent management approach to improve the system performance on a variety of workloads and systems is necessary. In this paper, an adaptive Cache clustering called ACC is presented. ACC augments L2 Cache size by using the L2 Cache slices of neighboring cores adaptively. ACC selects Cache slices with minimum distance to the target core while evaluating the amount of L2 Cache slices being used on the surrounding tiles. To validate our approach, we apply several applications from SPEC CPU2006 and PARSEC benchmark suites. The results show the effectiveness of our approach, as we get speedup by up to 18%.