shrestha.ea:secure-cache-evaluation:2026 BookSection IEEE 2026 April Design, Automation & Test in Europe Conference (DATE) ShresthaPratik BruckerAchimD BhattiMKhurram From Entropy to Leakage: A Unified Methodology for Security Evaluation of Caches Cache Side-Channel Attacks (CSCAs) can leak sensitive information by exploiting shared cache resources. Although many secure cache designs like CEASER, Scatter-Cache, PhantomCache, MIRAGE, and IECache have been proposed, the security evaluation methods being used by these designs remain diverse, often inconsistent, and scattered. This inconsistency makes it challenging to compare the security strengths of the state-of-the-art cache designs for security-critical applications. To address this challenge, we propose a novel consistent security evaluation methodology, called the UniSEC (Unified methodology for Security Evaluation of Caches), which estimates Worst-Case Leakage (WCL) and provides a consistent, comprehensive, and realistic measure of potential information leakage that various cache designs exhibit. UniSEC empirically shows that WCL estimation maximizes the revelation of potential information leakage that Relative Eviction Entropy (REE) based method fails to capture. UniSEC introduces an Effective Security Score (ESS) that takes into account Active Attackers Cache Lines (AACLs) within an attackers eviction set and the uniformity of the eviction distribution across the AACLs to measure the worst-case leakage. Our results show that well-distributed eviction probabilities across attackers eviction set lead to higher ESS and overall entropy. We carry out experiments to measure WCL, REE, and ESS in six state-of-the-art secure cache designs and vary associativity and cache sizes to measure the impact on information leakage. Our experiments reveal that security-critical applications cannot rely on the security guarantees being provided by REE alone. Therefore, WCL is a more realistic metric for measuring the actual amount of information leakage in caches.