On Subnormal Floating Point and Abnormal Timing

Andrysco, Marc; Kohlbrenner, David; Mowery, Keaton; Jhala, Ranjit; Lerner, Sorin; Shacham, Hovav

doi:10.1109/sp.2015.44

Cited by 116 publications

(119 citation statements)

References 37 publications

Supporting

Mentioning

119

Contrasting

Order By: Relevance

“…Since these workloads contain no data dependent behavior, performance will be constant after the first couple of iterations. Checks were used to ensure no IEEE NaN or subnormal numbers occurred, which can have a significant impact on timing [3].…”

Section: Systemmentioning

confidence: 99%

AutoTM: Automatic Tensor Movement in Heterogeneous Memory Systems using Integer Linear Programming

Hildebrand

Khan

Trika

et al. 2020

Proceedings of the Twenty-Fifth International Conference on Architectural Support for Programming Languages and Operating Syste

View full text Add to dashboard Cite

Memory capacity is a key bottleneck for training large scale neural networks. Intel® Optane™ DC PMM (persistent memory modules) which are available as NVDIMMs are a disruptive technology that promises significantly higher read bandwidth than traditional SSDs at a lower cost per bit than traditional DRAM. In this work we show how to take advantage of this new memory technology to minimize the amount of DRAM required without compromising performance significantly. Specifically, we take advantage of the static nature of the underlying computational graphs in deep neural network applications to develop a profile guided optimization based on Integer Linear Programming (ILP) called AutoTM to optimally assign and move live tensors to either DRAM or NVDIMMs. Our approach can replace 50% to 80% of a system's DRAM with PMM while only losing a geometric mean 27.7% performance. This is a significant improvement over first-touch NUMA, which loses 71.9% of performance. The proposed ILP based synchronous scheduling technique also provides 2x performance over using DRAM as a hardwarecontrolled cache for very large networks.CCS Concepts • Hardware → Analysis and design of emerging devices and systems; Memory and dense storage;• Computing methodologies → Machine learning.

show abstract

Section: Systemmentioning

confidence: 99%

AutoTM: Automatic Tensor Movement in Heterogeneous Memory Systems using Integer Linear Programming

Hildebrand

Khan

Trika

et al. 2020

Proceedings of the Twenty-Fifth International Conference on Architectural Support for Programming Languages and Operating Syste

View full text Add to dashboard Cite

show abstract

“…To defend against these attacks, modern crypto implementations use constant-time algorithms, also known as dataoblivious algorithms [2,7,12,13,19,25,28,52,54,56,66,71,74,77,93]. Constant-time algorithms are carefully written so that each instruction's execution does not reveal the data it operates on over any microarchitectural side channel.…”

Section: Cache-based Side Channels Attacks and Defensesmentioning

confidence: 99%

Safecracker: Leaking Secrets through Compressed Caches

Tsai

Sánchez

Fletcher

et al. 2020

Proceedings of the Twenty-Fifth International Conference on Architectural Support for Programming Languages and Operating Syste

View full text Add to dashboard Cite

The hardware security crisis brought on by recent speculative execution attacks has shown that it is crucial to adopt a security-conscious approach to architecture research, analyzing the security of promising architectural techniques before they are deployed in hardware.This paper offers the first security analysis of cache compression, one such promising technique that is likely to appear in future processors. We find that cache compression is insecure because the compressibility of a cache line reveals information about its contents. Compressed caches introduce a new side channel that is especially insidious, as simply storing data transmits information about it.We present two techniques that make attacks on compressed caches practical. Pack+Probe allows an attacker to learn the compressibility of victim cache lines, and Safecracker leaks secret data efficiently by strategically changing the values of nearby data. Our evaluation on a proof-ofconcept application shows that, on a common compressed cache architecture, Safecracker lets an attacker compromise a secret key in under 10 ms, and worse, leak large fractions of program memory when used in conjunction with latent memory safety vulnerabilities. We also discuss potential ways to close this new compression-induced side channel. We hope this work prevents insecure cache compression techniques from reaching mainstream processors.

show abstract

“…For syntactic convenience, we define the existing i32 and i64 WebAssembly type annotations as denoting public (integer) values, with new annotations s32 and s64 representing secret (integer) values. Floating point types are always considered public, since most floating point operations are variable-time and vulnerable to timing attacks [Andrysco et al 2015[Andrysco et al , 2018Kohlbrenner and Shacham 2017].…”

Section: Typing and Value Typesmentioning

confidence: 99%

CT-wasm: type-driven secure cryptography for the web ecosystem

Watt

Renner

Popescu

et al. 2019

Proc. ACM Program. Lang.

View full text Add to dashboard Cite

A significant amount of both client and server-side cryptography is implemented in JavaScript. Despite widespread concerns about its security, no other language has been able to match the convenience that comes from its ubiquitous support on the "web ecosystem"-the wide variety of technologies that collectively underpins the modern World Wide Web. With the introduction of the new WebAssembly bytecode language (Wasm) into the web ecosystem, we have a unique opportunity to advance a principled alternative to existing JavaScript cryptography use cases which does not compromise this convenience.We present Constant-Time WebAssembly (CT-Wasm), a type-driven, strict extension to WebAssembly which facilitates the verifiably secure implementation of cryptographic algorithms. CT-Wasm's type system ensures that code written in CT-Wasm is both information flow secure and resistant to timing side channel attacks; like base Wasm, these guarantees are verifiable in linear time. Building on an existing Wasm mechanization, we mechanize the full CT-Wasm specification, prove soundness of the extended type system, implement a verified type checker, and give several proofs of the language's security properties.We provide two implementations of CT-Wasm: an OCaml reference interpreter and a native implementation for Node.js and Chromium that extends Google's V8 engine. We also implement a CT-Wasm to Wasm rewrite tool that allows developers to reap the benefits of CT-Wasm's type system today, while developing cryptographic algorithms for base Wasm environments. We evaluate the language, our implementations, and supporting tools by porting several cryptographic primitives-Salsa20, SHA-256, and TEA-and the full TweetNaCl library. We find that CT-Wasm is fast, expressive, and generates code that we experimentally measure to be constant-time.

show abstract

On Subnormal Floating Point and Abnormal Timing

Cited by 116 publications

References 37 publications

AutoTM: Automatic Tensor Movement in Heterogeneous Memory Systems using Integer Linear Programming

AutoTM: Automatic Tensor Movement in Heterogeneous Memory Systems using Integer Linear Programming

Safecracker: Leaking Secrets through Compressed Caches

CT-wasm: type-driven secure cryptography for the web ecosystem

Contact Info

Product

Resources

About