Robust and Efficient Elimination of Cache and Timing Side Channels
This addresses security vulnerabilities in sensitive operations like cryptography, offering a practical defense against side-channel attacks with reduced overhead, though it is an incremental improvement over prior methods.
The paper tackles the problem of timing and cache side-channel attacks on cryptographic implementations by proposing a robust, low-overhead technique that requires minimal source code changes and works across multiple languages/platforms. The results show it successfully eliminates side-channel leaks with significantly lower performance overhead than existing approaches.
Timing and cache side channels provide powerful attacks against many sensitive operations including cryptographic implementations. Existing defenses cannot protect against all classes of such attacks without incurring prohibitive performance overhead. A popular strategy for defending against all classes of these attacks is to modify the implementation so that the timing and cache access patterns of every hardware instruction is independent of the secret inputs. However, this solution is architecture-specific, brittle, and difficult to get right. In this paper, we propose and evaluate a robust low-overhead technique for mitigating timing and cache channels. Our solution requires only minimal source code changes and works across multiple languages/platforms. We report the experimental results of applying our solution to protect several C, C++, and Java programs. Our results demonstrate that our solution successfully eliminates the timing and cache side-channel leaks while incurring significantly lower performance overhead than existing approaches.