RELOAD+REFRESH: Abusing Cache Replacement Policies to Perform Stealthy Cache Attacks
Samira Briongos, Pedro Malagón, José M. Moya, Thomas Eisenbarth

TL;DR
This paper introduces RELOAD+REFRESH, a novel cache attack exploiting cache replacement policies to covertly monitor cache activity without causing evictions, thereby evading existing detection methods and compromising cryptographic implementations.
Contribution
It demonstrates a new cache attack method that leverages cache replacement policies to bypass detection, with a methodology applicable to recent Intel processors.
Findings
RELOAD+REFRESH can track cache accesses without evictions.
The attack is effective against cryptographic implementations.
Detection mechanisms based on evictions are circumvented.
Abstract
Caches have become the prime method for unintended information extraction across logical isolation boundaries. Even Spectre and Meltdown rely on the cache side channel, as it provides great resolution and is widely available on all major CPU platforms. As a consequence, several methods to stop cache attacks by detecting them have been proposed. Detection is strongly aided by the fact that observing cache activity of co-resident processes is not possible without altering the cache state and thereby forcing evictions on the observed processes. In this work, we show that this widely held assumption is incorrect. Through clever usage of the cache replacement policy it is possible to track a victim process's cache accesses without forcing evictions on the victim's data. Hence, online detection mechanisms that rely on these evictions can be circumvented as they do not detect be the introduced…
Taxonomy
Topics: Security and Verification in Computing · Cloud Data Security Solutions · Network Security and Intrusion Detection
