Title :
Side-channel vulnerability factor: A metric for measuring information leakage
Author :
Demme, John ; Martin, Robert ; Waksman, Adam ; Sethumadhavan, Simha
Author_Institution :
Dept. of Comput. Sci., Columbia Univ., New York, NY, USA
Abstract :
There have been many attacks that exploit side-effects of program execution to expose secret information and many proposed countermeasures to protect against these attacks. However there is currently no systematic, holistic methodology for understanding information leakage. As a result, it is not well known how design decisions affect information leakage or the vulnerability of systems to side-channel attacks. In this paper, we propose a metric for measuring information leakage called the Side-channel Vulnerability Factor (SVF). SVF is based on our observation that all side-channel attacks ranging from physical to microarchitectural to software rely on recognizing leaked execution patterns. SVF quantifies patterns in attackers´ observations and measures their correlation to the victim´s actual execution patterns and in doing so captures systems´ vulnerability to side-channel attacks. In a detailed case study of on-chip memory systems, SVF measurements help expose unexpected vulnerabilities in whole-system designs and shows how designers can make performance-security trade-offs. Thus, SVF provides a quantitative approach to secure computer architecture.
Keywords :
computer architecture; cryptography; microprocessor chips; storage management chips; computer architecture; design decisions; information leakage; on-chip memory systems; performance-security trade-offs; program execution side-effects; secret information; side-channel attacks; side-channel vulnerability factor; Correlation; Cryptography; Noise; Prefetching; Time measurement;
Conference_Titel :
Computer Architecture (ISCA), 2012 39th Annual International Symposium on
Conference_Location :
Portland, OR
Print_ISBN :
978-1-4673-0475-7
Electronic_ISBN :
1063-6897
DOI :
10.1109/ISCA.2012.6237010
