With the rapid advancement of modern processor technologies, the potential threat to processor memory security from external devices necessitates robust memory protection mechanisms. To ensure the stability and security of processors, Input-Output (IO) physical memory protection mechanisms are commonly employed to prevent unauthorized access to processor memory. However, the redundancy in the mapping relationships between modules in traditional IO physical memory protection mechanisms leads to an increase in processor runtime. This paper, focusing on RISC-V processors, presents an efficient memory protection scheme, named L-OPT, by investigating traditional IO physical memory protection approaches. L-OPT optimizes the mapping relationships between internal modules in conventional memory protection schemes. In comparison with the unoptimized state of the processor in memory testing scenarios, L-OPT demonstrates a 112% efficiency improvement, validating its effectiveness in enhancing processor runtime efficiency.
KEYWORDS: Information security, Operating systems, Computer security, Defense and security, Design, Switches, Clouds, Time metrology, Phase measurement, Mobile devices
Trusted Execution Environments (TEEs) find extensive application in scenarios such as secure cloud services, databases, big data computing, and blockchain. They establish a secure operational zone, often referred to as an Enclave, for applications. The Keystone Trusted Execution Environment offers a range of security primitives, including memory isolation, secure boot, and remote authentication. It stands out as the first open-source framework under the RISC-V architecture designed for constructing customized TEEs and is currently the mainstream TEE on RISC-V. However, Keystone itself does not protect Enclaves or the security monitor against cache timing attacks. Recent research has demonstrated that malicious actors, leveraging Spectre attacks, can use cache timing attack techniques to detect Enclave data through shared caches. This paper proposes a Keystone extension design and names the extended framework Keystone-LLCI (Last Level Cache Isolation). Through security analysis, we show that it isolates enclaves and the operating system into different cache paths at the LLC level, thus eliminating the influence of cache side channels and increasing the isolation and security of enclaves. We implemented this hardware extension on an FPGA development board and conducted performance testing and IOZone testing. The test results indicate that Keystone-LLCI can effectively defend against cache timing attacks, with a performance loss of approximately 14%. The latency of read and write operations increased by 12.4% and 14.1%, respectively. It represents an extension design with relatively low performance loss.
Cache isolation is a highly effective method for defending against cache side-channel attacks. This approach divides the cache into distinct isolation domains, assigns different domains to mutually untrusted processes, and thereby prevents processes from sharing the cache across domains. However, existing solutions have certain limitations. Way-based cache partitioning supports only a limited number of isolation domains and may not fully meet users' practical needs. Page coloring schemes require proportional allocation of memory and cache, which is inflexible. This paper introduces ICS, a flexible and secure cache isolation solution. ICS supports up to hundreds of isolation domains, with memory allocation independent of the cache, and domain management is convenient. ICS is a set-based isolation solution whose core is SMT. SMT modifies the mapping relationship between memory and the LLC, directing the memory of different isolation domains to distinct cache sets. Implemented with a 1MB 16-way LLC, ICS can support a maximum of 512 isolation domains, with a storage overhead of approximately 1.3% and a performance loss of around 1%. It represents a cost-effective method for defending against cache side-channel attacks.
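To make the difference between way partitioning and set isolation concrete, here is an added toy model (not ICS or SMT's actual design, and not code from the paper). It assumes the abstract's 1MB 16-way LLC, a 64-byte line size (an assumption; the abstract does not state it), and the simplest possible set-remapping rule: each domain owns a contiguous slice of sets and an address's natural set index is folded into that slice. The function names and the remapping rule are illustrative choices, not the paper's.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

/* Assumed LLC geometry: 1 MB, 16-way (from the abstract); 64-byte lines (assumed). */
#define LLC_BYTES        (1u << 20)
#define LLC_WAYS         16u
#define LINE_BYTES       64u
#define NUM_SETS         (LLC_BYTES / (LLC_WAYS * LINE_BYTES))   /* 1024 sets */
#define MAX_DOMAINS      512u                                     /* from the abstract */
#define SETS_PER_DOMAIN  (NUM_SETS / MAX_DOMAINS)                 /* 2 sets per domain */

/* Conventional mapping: the set index is the address bits just above the line offset.
 * Two addresses 64 KB apart (NUM_SETS * LINE_BYTES) land in the same set, which is
 * exactly the collision a prime+probe style observer relies on. */
uint32_t conventional_set(uint64_t paddr) {
    return (uint32_t)((paddr / LINE_BYTES) % NUM_SETS);
}

bool conventional_collides(uint64_t paddr_a, uint64_t paddr_b) {
    return conventional_set(paddr_a) == conventional_set(paddr_b);
}

/* Way partitioning: every domain keeps all sets but is confined to its own way(s),
 * so the number of domains can never exceed the associativity. */
uint32_t way_partition_max_domains(void) {
    return LLC_WAYS;
}

/* Set isolation (toy rule, not SMT): domain d owns sets
 * [d * SETS_PER_DOMAIN, (d + 1) * SETS_PER_DOMAIN), and the address's natural
 * index is folded into that range. Returns -1 for an out-of-range domain. */
int isolated_set(uint32_t domain, uint64_t paddr) {
    if (domain >= MAX_DOMAINS)
        return -1;
    uint32_t within = conventional_set(paddr) % SETS_PER_DOMAIN;
    return (int)(domain * SETS_PER_DOMAIN + within);
}

/* Two distinct domains are isolated when their set ranges are disjoint, which
 * the contiguous-slice rule guarantees by construction. */
bool domains_isolated(uint32_t dom_a, uint32_t dom_b) {
    if (dom_a >= MAX_DOMAINS || dom_b >= MAX_DOMAINS || dom_a == dom_b)
        return false;
    uint32_t lo_a = dom_a * SETS_PER_DOMAIN, hi_a = lo_a + SETS_PER_DOMAIN;
    uint32_t lo_b = dom_b * SETS_PER_DOMAIN, hi_b = lo_b + SETS_PER_DOMAIN;
    return hi_a <= lo_b || hi_b <= lo_a;
}

/* Under set isolation, an address in one domain and an address in another can
 * never share a set, regardless of their conventional indices. */
bool isolated_collides(uint32_t dom_a, uint64_t paddr_a,
                       uint32_t dom_b, uint64_t paddr_b) {
    int sa = isolated_set(dom_a, paddr_a);
    int sb = isolated_set(dom_b, paddr_b);
    return sa >= 0 && sb >= 0 && sa == sb;
}

int main(void) {
    /* Constructed sample: two addresses exactly 64 KB apart. */
    uint64_t victim = 0x0, observer = (uint64_t)NUM_SETS * LINE_BYTES;
    printf("sets=%u, sets/domain=%u, way-partition max domains=%u\n",
           NUM_SETS, SETS_PER_DOMAIN, way_partition_max_domains());
    printf("conventional collision: %d\n", conventional_collides(victim, observer));
    printf("set-isolated collision (domains 0 vs 1): %d\n",
           isolated_collides(0, victim, 1, observer));
    return 0;
}
```

The point of the model is the domain count: way partitioning tops out at the associativity (16 here), while set partitioning of a 1024-set LLC can hand 2 sets to each of 512 domains, matching the maximum the abstract reports. A real design also has to decide how much of each domain's memory maps into its slice, which this toy rule sidesteps by folding the index.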