
Beyond Over-Protection: A Targeted Approach to Spectre Mitigation and Performance Optimization (2312.09770v1)

Published 15 Dec 2023 in cs.CR

Abstract: Since the advent of Spectre attacks, researchers and practitioners have developed a range of hardware and software measures to counter transient execution attacks. A prime example of such mitigation is speculative load hardening (SLH) in LLVM, which protects against leaks by tracking the speculation state and masking values during misspeculation. LLVM relies on static analysis to harden programs using SLH, which often results in over-protection and incurs performance overhead. We extended an existing side-channel model validation framework, Scam-V, to check the vulnerability of programs to Spectre-PHT attacks and optimize the protection of programs using the SLH approach. We illustrate the efficacy of Scam-V by first demonstrating that it can automatically identify Spectre vulnerabilities in real programs, e.g., fragments of crypto-libraries. We then develop an optimization mechanism that validates the necessity of SLH hardening w.r.t. the target platform. Our experiments showed that, in most cases, the hardening introduced by LLVM could be significantly improved when the underlying microarchitecture properties are considered.
