Prune+PlumTree - Finding Eviction Sets at Scale
Tom Kessous, Niv Gilboa
IEEE Symposium on Security and Privacy 2024 · Day 3 · Continental Ballroom 5
The talk "Prune+PlumTree - Finding Eviction Sets at Scale" by Tom Kessous and Niv Gilboa introduces a groundbreaking algorithm designed to rapidly identify a large number of **eviction sets** within a CPU cache. An eviction set is a critical component for **cache side-channel attacks**, representing a collection of memory addresses that all map to the same cache set and are sufficient to evict any other line residing in that set. This research is particularly significant because while previous algorithms focused on finding a single eviction set, many advanced attacks require knowledge of multiple, or even all, eviction sets across the cache.
AI review
This research delivers a fundamental breakthrough in cache side-channel primitives, making comprehensive cache mapping an on-the-fly operation. Prune+PlumTree's two-to-three order of magnitude speedup drastically lowers the barrier for advanced attacks and demands immediate re-evaluation of defensive strategies. This is a critical piece of work that will define the next generation of cache-based exploitation.