Hardware caches are essential performance optimization features in modern processors to reduce the effective memory access time. Unfortunately, they are also the prime targets for attacks on computer processors because they are high-bandwidth and reliable side or covert channels for leaking secrets. Conventional cache timing attacks typically leak secret encryption keys, while recent speculative execution attacks typically leak arbitrary illegally-obtained secrets through cache timing channels. While many hardware defenses have been proposed for each class of attacks, we show that those for conventional (non-speculative) cache timing channels do not work for all speculative execution attacks, and vice versa. We maintain that a cache is not secure unless it can defend against both of these major attack classes. We propose a new methodology and framework for covering such relatively large attack surfaces to produce a Speculative and Timing Attack Resilient (STAR) cache subsystem. We use this to design two comprehensive secure cache architectures, STAR-FARR and STAR-NEWS, that have very low performance overheads of 5.6% and 6.8%, respectively. To the best of our knowledge, these are the first secure cache designs that cover both non-speculative cache side channels and cache-based speculative execution attacks. Our methodology can be used to compose and check other secure cache designs. It can also be extended to other attack classes and hardware systems. Additionally, we also highlight the intrinsic security and performance benefits of a randomized cache like a real Fully Associative cache with Random Replacement (FARR) and a lower-latency, speculation-aware version (NEWS).

翻译：硬件缓存是现代处理器中降低有效内存访问时间的关键性能优化特性。然而，它们也是计算机处理器攻击的主要目标，因为它们是高带宽且可靠的侧信道或隐藏信道，用于泄露秘密。传统缓存时序攻击通常泄露秘密加密密钥，而近期推测执行攻击则通过缓存时序信道泄露任意非法获取的秘密。尽管针对每类攻击已提出许多硬件防御方案，但我们表明，针对传统（非推测）缓存时序信道的防御无法完全应对所有推测执行攻击，反之亦然。我们认为，缓存若无法抵御这两大类主要攻击，则不能视为安全。我们提出了一种方法和框架，用于覆盖如此庞大的攻击面，以构建具有抗推测与时序攻击能力（STAR）的缓存子系统。利用此方法，我们设计了两种全面的安全缓存架构——STAR-FARR和STAR-NEWS，其性能开销分别仅为5.6%和6.8%。据我们所知，这是首批同时涵盖非推测缓存侧信道与基于缓存的推测执行攻击的安全缓存设计。我们的方法可用于组合和检验其他安全缓存设计，并扩展至其他攻击类别及硬件系统。此外，我们还强调了随机化缓存（如采用随机替换策略的真正全关联缓存（FARR）及其低延迟、感知推测的变体（NEWS））所固有的安全性与性能优势。