Systematic Evaluation of Randomized Cache Designs against Cache Occupancy

Randomizing the address-to-set mapping and partitioning of the cache has been shown to be an effective mechanism in designing secured caches. Several designs have been proposed on a variety of rationales: 1 ⃝ randomized design, 2 ⃝ randomized-and-partitioned design, and 3 ⃝ psuedo-fully associative design. This work fills in a crucial gap in current literature on randomized caches: currently most randomized cache designs defend only contention-based attacks, and leave out considerations of cache occupancy. We perform a systematic evaluation of 5 randomized cache designs-CEASER, CEASER-S, MIRAGE, ScatterCache, and SassCache against cache occupancy wrt. both performance as well as security. With respect to performance, we first establish that benchmarking strategies used by contemporary designs are unsuitable for a fair evaluation (because of differing cache configurations, choice of benchmarking suites, additional implementation-specific assumptions). We thus propose a uniform benchmarking strategy, which allows us to perform a fair and comparative analysis across all designs under various replacement policies. Likewise, with respect to security against cache occupancy attacks, we evaluate the cache designs against various threat assumptions: 1 ⃝ covert channels, 2 ⃝ process fingerprinting, and 3 ⃝ AES key recovery (to the best of our knowledge, this work is the first to demonstrate full AES key recovery on a randomized cache design using cache occupancy attack). Our results establish the need to also consider cache occupancy side-channel in randomized cache design considerations.