Speculative Execution Attacks and Hardware Defenses

Proceedings of the 5th Workshop on Attacks and Solutions in Hardware Security Pub Date : 2021-11-15 DOI:10.1145/3474376.3487404

R. Lee

{"title":"Speculative Execution Attacks and Hardware Defenses","authors":"R. Lee","doi":"10.1145/3474376.3487404","DOIUrl":null,"url":null,"abstract":"Speculative execution attacks like Spectre and Meltdown exploit hardware performance optimization features to illegally access a secret and then leak the secret to an unauthorized recipient. Many variants of speculative execution attacks (also called transient execution attacks) have been proposed in the last few years, and new ones are constantly being discovered. While software mitigations for some attacks have been proposed, they often cause very significant performance degradation. Hardware solutions are also being proposed actively by the research community, especially as these are attacks on hardware microarchitecture. In this talk, we identify the critical steps in a speculative attack, and the root cause of successful attacks. We define the concept of \"security dependencies\", which should be implemented to prevent data leaks and other security breaches. We propose a taxonomy of defense strategies and show how proposed hardware defenses fall under each defense strategy. We discuss security-performance tradeoffs, which can decrease the performance overhead while still preventing security breaches. We suggest design principles for future security-aware microarchitecture.","PeriodicalId":339465,"journal":{"name":"Proceedings of the 5th Workshop on Attacks and Solutions in Hardware Security","volume":"41 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-11-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 5th Workshop on Attacks and Solutions in Hardware Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3474376.3487404","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

Speculative execution attacks like Spectre and Meltdown exploit hardware performance optimization features to illegally access a secret and then leak the secret to an unauthorized recipient. Many variants of speculative execution attacks (also called transient execution attacks) have been proposed in the last few years, and new ones are constantly being discovered. While software mitigations for some attacks have been proposed, they often cause very significant performance degradation. Hardware solutions are also being proposed actively by the research community, especially as these are attacks on hardware microarchitecture. In this talk, we identify the critical steps in a speculative attack, and the root cause of successful attacks. We define the concept of "security dependencies", which should be implemented to prevent data leaks and other security breaches. We propose a taxonomy of defense strategies and show how proposed hardware defenses fall under each defense strategy. We discuss security-performance tradeoffs, which can decrease the performance overhead while still preventing security breaches. We suggest design principles for future security-aware microarchitecture.

查看原文本刊更多论文

推测执行攻击和硬件防御

像Spectre和Meltdown这样的推测性执行攻击利用硬件性能优化功能非法访问秘密，然后将秘密泄露给未经授权的接收者。推测执行攻击(也称为瞬态执行攻击)的许多变体在过去几年中被提出，并且不断发现新的攻击。虽然已经提出了针对某些攻击的软件缓解措施，但它们通常会导致非常严重的性能下降。研究团体也在积极地提出硬件解决方案，特别是因为这些都是针对硬件微架构的攻击。在这次演讲中，我们将确定投机攻击的关键步骤，以及成功攻击的根本原因。我们定义了“安全依赖”的概念，应该实现它来防止数据泄露和其他安全漏洞。我们提出了一种防御策略的分类，并展示了所提出的硬件防御如何归入每种防御策略。我们将讨论安全性与性能之间的权衡，这可以在减少性能开销的同时防止安全性破坏。我们为未来的安全感知微架构提出了一些设计原则。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Proceedings of the 5th Workshop on Attacks and Solutions in Hardware Security

自引率

0.00%

发文量