PhantomFetch: Obfuscating Loads against Prefetcher Side-Channel Attacks

The IP-stride prefetcher has recently been exploited to leak secrets through side-channel attacks. It, however, cannot be simply disabled for security with prefetching speedup as a sacrifice. The state-of-the-art defense tries to retain the prefetching effect by hardware modification. In this paper, we present PhantomFetch as the first prefetching-retentive and hardware-agnostic defense. It avoids potential remanufacturing cost and enriches applicability to off-the-shelf devices. The key idea is to directly break the exploitable coupling between trained prefetcher entries and the victim's secret-dependent loads by obfuscating the sensitive load effects of the victim. The experiment results show that PhantomFetch can secure the IP-stride prefetcher with only negligible overhead.