Trustworthy Systems

Your processor leaks information — and there's nothing you can do about it

Authors

Qian Ge, Yuval Yarom, Frank Li and Gernot Heiser

Data61
CSIRO
UNSW
Uni. Adelaide

Published:

https://arxiv.org/pdf/1612.04474.pdf

Abstract

Timing channels are information flows, encoded in the relative timing of events, that bypass the system’s protection mechanisms. Any microarchitectural state that depends on execution history and affects the rate of progress of later executions potentially establishes a timing channel, unless explicit steps are taken to close it. Such state includes CPU caches, TLBs, branch predictors and prefetchers; removing the channels requires that the OS can partition such state or flush it on a switch of security domains. We measure the capacities of channels based on these microarchitectural features on several generations of processors across the two mainstream ISAs, x86 and ARM, and investigate the effectiveness of the flushing mechanisms provided by the respective ISA. We find that in all processors we studied, at least one significant channel remains. This implies that closing all timing channels seems impossible on contemporary mainstream processors.

BibTeX Entry

  @article{Ge_YLH_17,
    author           = {Qian Ge and Yuval Yarom and Frank Li and Gernot Heiser},
    howpublished     = {https://arxiv.org/pdf/1612.04474.pdf},
    journal          = {arXiv preprint arXiv:1612.04474},
    paperurl         = {https://trustworthy.systems/publications/papers/Ge_YLH_17.pdf},
    title            = {Your Processor Leaks Information --- and There's Nothing You Can Do About It},
    year             = {2017}
  }

Download