DeepAI
Log In Sign Up

GhostMinion: A Strictness-Ordered Cache System for Spectre Mitigation

04/12/2021
by   Sam Ainsworth, et al.
0

Out-of-order speculation, a technique ubiquitous since the early 1990s, remains a fundamental security flaw. Via attacks such as Spectre and Meltdown, an attacker can trick a victim, in an otherwise entirely correct program, into leaking its secrets through the effects of misspeculated execution, in a way that is entirely invisible to the programmer's model. This has serious implications for application sandboxing and inter-process communication. Designing efficient mitigations, that preserve the performance of out-of-order execution, has been a challenge. The speculation-hiding techniques in the literature have been shown to not close such channels comprehensively, allowing adversaries to redesign attacks. Strong, precise guarantees are necessary, but at the same time mitigations must achieve high performance to be adopted. We present Strictness Ordering, a new constraint system that shows how we can comprehensively eliminate transient side channel attacks, while still allowing complex speculation and data forwarding between speculative instructions. We then present GhostMinion, a cache modification built using a variety of new techniques designed to provide Strictness Order at only 2.5 overhead.

READ FULL TEXT

page 3

page 9

page 10

page 11

09/02/2019

KLEESPECTRE: Detecting Information Leakage through Speculative Cache Attacks via Symbolic Execution

Spectre attacks disclosed in early 2018 expose data leakage scenarios vi...
05/22/2019

ConTExT: Leakage-Free Transient Execution

Out-of-order execution and speculative execution are among the biggest c...
09/30/2020

Timing Cache Accesses to Eliminate Side Channels in Shared Software

Timing side channels have been used to extract cryptographic keys and se...
07/18/2021

SpecBox: A Label-Based Transparent Speculation Scheme Against Transient Execution Attacks

Speculative execution techniques have been a cornerstone of modern proce...
12/02/2020

PiPoMonitor: Mitigating Cross-core Cache Attacks Using the Auto-Cuckoo Filter

Cache side channel attacks obtain victim cache line access footprint to ...
06/13/2018

SafeSpec: Banishing the Spectre of a Meltdown with Leakage-Free Speculation

Speculative execution which is used pervasively in modern CPUs can leave...
11/03/2017

Automated Detection, Exploitation, and Elimination of Double-Fetch Bugs using Modern CPU Features

Double-fetch bugs are a special type of race condition, where an unprivi...