Janus: An Uncertain Cache Architecture to Cope with Side Channel Attacks

TL;DR

Janus is a novel cache architecture that introduces randomization and uncertainty in cache behavior to defend against side channel attacks, showing promising results with minimal hardware overhead.

Contribution

The paper presents Janus, a new cache design with on-off flags for data blocks, enabling runtime randomization to enhance security against side channel attacks.

Findings

Significant variation in timing behavior across benchmarks.

Minimal hardware overhead for the new architecture.

Improved protection against power analysis and timing attacks.

Abstract

Side channel attacks are a major class of attacks to crypto-systems. Attackers collect and analyze timing behavior, I/O data, or power consumption in these systems to undermine their effectiveness in protecting sensitive information. In this work, we propose a new cache architecture, called Janus, to enable crypto-systems to introduce randomization and uncertainty in their runtime timing behavior and power utilization profile. In the proposed cache architecture, each data block is equipped with an on-off flag to enable/disable the data block. The Janus architecture has two special instructions in its instruction set to support the on-off flag. Beside the analytical evaluation of the proposed cache architecture, we deploy it in an ARM-7 processor core to study its feasibility and practicality. Results show a significant variation in the timing behavior across all the benchmarks. The new secure processor architecture has minimal hardware overhead and significant improvement in protecting against power analysis and timing behavior attacks.