Robust and Efficient Elimination of Cache and Timing Side Channels

TL;DR

This paper introduces a robust, low-overhead method to eliminate timing and cache side channels across multiple programming languages, significantly reducing performance overhead compared to existing defenses.

Contribution

The authors propose a source-code modification technique that effectively mitigates cache and timing side channels in various languages without architecture-specific adjustments.

Findings

Successfully eliminates side-channel leaks in C, C++, and Java programs.

Achieves lower performance overhead than existing defenses.

Works with minimal source code changes across multiple platforms.

Abstract

Timing and cache side channels provide powerful attacks against many sensitive operations including cryptographic implementations. Existing defenses cannot protect against all classes of such attacks without incurring prohibitive performance overhead. A popular strategy for defending against all classes of these attacks is to modify the implementation so that the timing and cache access patterns of every hardware instruction is independent of the secret inputs. However, this solution is architecture-specific, brittle, and difficult to get right. In this paper, we propose and evaluate a robust low-overhead technique for mitigating timing and cache channels. Our solution requires only minimal source code changes and works across multiple languages/platforms. We report the experimental results of applying our solution to protect several C, C++, and Java programs. Our results demonstrate that our solution successfully eliminates the timing and cache side-channel leaks while incurring significantly lower performance overhead than existing approaches.