Memory encryption engine cache-based covert channel attack

Abstract

Microarchitectural covert channel attack is a threat when multiple tenants in cloud service share hardware resources. Most of IaaS (Infrastructure as a Service) cloud service provides each physical core and virtual machine to their tenants, so various kinds of cross-core microarchitectural attacks have researched In this work, we propose a novel cross-core covert channel attack that exploits new microarchitecture that have been introduced to support memory encryption - in particular, the Memory Encryption Engine(MEE) cache. The MEE cache is a shared resource but only utilized when accessing the integrity tree data and provides opportunity for a stealthy covert channel attack. However, there are challenges since MEE cache organization is not publicly known, and the access behavior and covered data differ from a conventional cache. Hence, we reverse engineer MEE cache and demonstrate how the MEE cache can be exploited to establish a covert channel communication. MEE cache covert channel is evaluated in native system, and shows about 35KBps bit rate and 1.7% error rate. Our covert channel shows robustness without any error handling scheme in the situation where main memory and general cache are intensively utilized. Also, the previous defense mechanism for general cache attack can not be directly applied to MEE cache covert channel attack due to different characteristics. There is possible mitigation for our covert channel, but the mitigation has trade-off.