The past decade has seen a plethora of side-channel<br/>attacks on various CPU components. Each new attack typically<br/>follows a whitebox analysis approach, which involves (i) identify-<br/>ing a specific shared CPU component, (ii) reversing its behavior<br/>on a specific microarchitecture, and (iii) surgically exploiting<br/>such knowledge to leak information (e.g., by actively evicting<br/>shared entries to monitor victim accesses). This approach requires<br/>lengthy reverse engineering, repeated for every com…

Increased peripheral performance is causing strain on the memory subsystem of modern processors. For example, available DRAM throughput can no longer sustain the traffic of a modern network card. Scrambling to deliver the promised performance, instead of transferring peripheral data to and from DRAM, modern Intel processors perform I/O operations directly on the Last Level Cache (LLC). While Direct Cache Access (DCA) instead of Direct Memory Access (DMA) is a sensible performance optimization, it is unfortunately …

To stop side channel attacks on CPU caches that have allowed attackers to leak secret information and break basic security mechanisms, the security community has developed a variety of powerful defenses that effectively isolate the security domains. Of course, other shared hardware resources exist, but the assumption is that unlike cache side channels, any channel offered by these resources is insufficiently reliable and too coarse-grained to leak general-purpose information. This is no longer true. In this paper,…

Recent hardware-based attacks that compromise systems with Rowhammer or bypass address-space layout random- ization rely on how the processor's memory management unit (MMU) interacts with page tables. These attacks often need to reload page tables repeatedly in order to observe changes in the target system's behavior. To speed up the MMU's page table lookups, modern processors make use of multiple levels of caches such as translation lookaside buffers (TLBs), special-purpose page table caches and even general data…