Runtime Randomized Relocation of Crypto Libraries for Mitigating Cache Attacks

Abstract

Crypto libraries such as OpenSSL and Libgcrypt are essential building blocks for implementing secure cloud services. Unfortunately, these libraries are subject to cache side-channel attacks, which are more devastating in cloud environments where inevitable cache contention among different tenants occurs. Previous approaches for mitigating cache side-channel attacks have limitations in terms of the deployability and security; these hinder utilization in cloud services. In this paper, we propose an R2-relocator, a novel library protection technique based on moving target defence. When injected into a running process, the R2-relocator performs randomized relocation of the library during runtime. By doing this, it transforms a vulnerable crypto library into one that randomly changes its memory (cache) location, thereby preventing the delivery of cache side-channel attacks against the library. The proposed technique achieves robust protection against cache side-channel attacks for all crypto libraries, even those containing unpatched critical vulnerabilities, without the need for reconfiguration of the library. Extensive evaluations of security, performance, and deployability of the R2-relocator demonstrate its effectiveness for secure cloud services.