Close

Presentation

Data Oblivious CPU: Micro-architectural Side-channel Leakage-Resilient Processor
SessionNew Frontiers in Microarchitectural and Physical Attacks and Defenses
DescriptionMitigating micro-architectural side channels remains a central challenge in hardware security. Despite substantial research efforts, current defenses are often narrowly tailored to specific vulnerabilities, leaving systems exposed to a broader spectrum of micro-architectural side-channel attacks. In this paper, we propose a generic approach to mitigate side-channel attacks with minimal architectural changes. Unlike traditional approaches that focus on mitigating specific side channels, we propose a dynamic strategy that alters the decoding of the instructions into secure (side-channel resilient) or performance versions of the instructions, based on the data it is processing. Specifically, to minimize performance overhead, decoding to a secure version is selectively applied only when sensitive data is being processed, ensuring optimal performance for instructions operating on non-sensitive data.

To evaluate our approach, we implement it on the RISC-V out-of-order BOOM processor. Our results demonstrate that the mechanism increases FPGA resource utilization by only 2% compared to the original design. Additionally, it imposes 0% performance overhead for unprotected applications, while maintaining overhead between up to 25% for security-critical workloads. This work represents a scalable and efficient solution for defending against micro-architectural side-channel attacks without compromising system performance.
Authors
Behnam Omidi
George Mason University
Ihsen Alouani
Queen's University Belfast
Khaled N. Khasawneh
George Mason University
Event Type
Research Manuscript
TimeMonday, June 231:45pm - 2:00pm PDT
Location3006, Level 3
Topics
Security
Tracks
SEC3: Hardware Security: Attack & Defense
Next PresentationNext Presentation
"OOPS!": Out-Of-Band Remote Power Side-Channel Attacks on Intel SGX and TDX