Zhenkai Zhang, Clemson University; Kunbei Cai, University of Central Florida; Yanan Guo, University of Rochester; Fan Yao, University of Central Florida; Xing Gao, University of Delaware
While extensive research has been conducted on CPU cache side-channel attacks, the landscape of similar studies on modern GPUs remains largely uncharted. In this paper, we investigate potential information leakage threats posed by the caches in GPUs of NVIDIA's latest Ampere and Ada Lovelace generations. We first exploit a GPU cache maintenance instruction to reverse engineer certain key properties of the cache hierarchy in these GPUs, and then we introduce a novel GPU cache side-channel attack primitive named Invalidate+Compare that is designed to spy on the GPU cache activities of a victim in a timer-free manner. We further showcase the use of this primitive with two case studies. The first one is a website fingerprinting attack that can accurately identify the web pages visited by a user, while the second one uncovers keystroke data entered via a virtual keyboard. To our knowledge, these stand as the first demonstrations of timer-free cache side-channel attacks on GPUs.
Open Access Media
USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.
author = {Zhenkai Zhang and Kunbei Cai and Yanan Guo and Fan Yao and Xing Gao},
title = {{Invalidate+Compare}: A {Timer-Free} {GPU} Cache Attack Primitive},
booktitle = {33rd USENIX Security Symposium (USENIX Security 24)},
year = {2024},
isbn = {978-1-939133-44-1},
address = {Philadelphia, PA},
pages = {2101--2118},
url = {https://www.usenix.org/conference/usenixsecurity24/presentation/zhang-zhenkai},
publisher = {USENIX Association},
month = aug
}