SpecShield: Shielding Speculative Data from Microarchitectural Covert Channels

Barber, Kristin; Bacha, Anys; Zhou, Li; Zhang, Yinqian; Teodorescu, Radu

doi:10.1109/pact.2019.00020

Cited by 55 publications

(56 citation statements)

References 24 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Explicit RelSE forks into four paths after the conditional branch at line 3, two of them jumping on the loop at line 4. Then, each time the condition of the loop is evaluated, Explicit RelSE forks again into four paths 6 . In total, 390 additional transient paths are explored (Table VI).…”

Section: Appendixmentioning

confidence: 99%

“…This behavior is exploited in Spectre attacks [1] which were made public in early 2018. Since then, Spectre attacks have drawn considerable attention from both industry and academy, with works that discovered new Spectre variants [2], new detection methods [3]- [5], and new countermesures [6]- [8]. To date, there are four known main variants of Spectre attacks [2].…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Hunting the Haunter — Efficient Relational Symbolic Execution for Spectre with Haunted RelSE

Daniel¹,

Bardin²,

Rezk³

2021

Proceedings 2021 Network and Distributed System Security Symposium

View full text Add to dashboard Cite

Spectre are microarchitectural attacks which were made public in January 2018. They allow an attacker to recover secrets by exploiting speculations. Detection of Spectre is particularly important for cryptographic libraries and defenses at the software level have been proposed. Yet, defenses correctness and Spectre detection pose challenges due on one hand to the explosion of the exploration space induced by speculative paths, and on the other hand to the introduction of new Spectre vulnerabilities at different compilation stages. We propose an optimization, coined Haunted RelSE, that allows scalable detection of Spectre vulnerabilities at binary level. We prove the optimization semantically correct w.r.t. the more naive explicit speculative exploration approach used in state-of-the-art tools. We implement Haunted RelSE in a symbolic analysis tool, and extensively test it on a wellknown litmus testset for Spectre-PHT, and on a new litmus testset for Spectre-STL, which we propose. Our technique finds more violations and scales better than state-of-the-art techniques and tools, analyzing real-world cryptographic libraries and finding new violations. Thanks to our tool, we discover that indexmasking-a standard defense for Spectre-PHT-and well-known gcc options to compile position independent executables introduce Spectre-STL violations. We propose and verify a correction to index-masking to avoid the problem. addresses the Store to Load (STL) variant (a.k.a Spectre-v4 [13]), which exploits the memory dependence predictor. Unfortunately, Pitchfork does not scale for analyzing Spectre-STL, even on small programs (cf. Table IV). Other variants are currently out-of-scope of static analyzers (see Sections II and VII). Goal and challenges. In this paper, we propose a novel technique to detect Spectre-PHT and Spectre-STL vulnerabilities and we implement it in a new static analyzer for binary code. Two challenges arise in the design of such an analyzer: C1 First, the details of the microarchitecture cannot be fully included in the analysis because they are not public in general and not easy to obtain. Yet the challenge is to find an abstraction powerful enough to capture side channels attacks due to microarchitectural state. C2 Second, exploration of all possible speculative executions does not scale because it quickly leads to state explosion. The challenge is how to optimize this exploration in order to make the analysis applicable to real code. Proposal. We tackle challenge C1 by targeting a relational security property coined in the literature as speculative constanttime [5], a property reminiscent of constant-time [14], widely used in cryptographic implementations. Speculative constanttime takes speculative executions into account without explicitly modeling intrincate microarchitectural details. However, it is well known that constant-time programming is not necessarily preserved by compilers [15], [16], so our analysis operates at binary level-besides, it is compiler-agnostic and does not require source code. For thi...

show abstract

Section: Appendixmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Hunting the Haunter — Efficient Relational Symbolic Execution for Spectre with Haunted RelSE

Daniel¹,

Bardin²,

Rezk³

2021

Proceedings 2021 Network and Distributed System Security Symposium

View full text Add to dashboard Cite

show abstract

“…researchers pointed out that transient execution attacks require transferring secrets from the speculative domain into the architectural states of the processor no matter what kind of side channel is used to disclose sensitive information. Thus NDA [51], SpecShield [52], and STT [53] are proposed to break this requirement. These mechanisms assume that secrets need to be propagated speculatively at least once before information is leaked to a side channel.…”

Section: Related Workmentioning

confidence: 99%

Exploiting Security Dependence for Conditional Speculation Against Spectre Attacks

Zhao

Hou

et al. 2021

IEEE Trans. Comput.

View full text Add to dashboard Cite

Speculative execution side-channel vulnerabilities such as Spectre reveal that conventional architecture designs lack security consideration. This paper proposes a software transparent defense framework, named as Conditional Speculation, against Spectre vulnerabilities found on traditional out-of-order microprocessors. It introduces the concept of security dependence to mark speculative memory instructions which could leak information with potential security risks. More specifically, security-dependent instructions are detected and marked with suspect speculation flags in the Issue Queue. All the instructions can be speculatively issued for execution in accordance with the classic out-of-order pipeline. For those instructions with suspect speculation flags, they are considered as safe instructions if their speculative execution dose not refill new cache lines with unauthorized privilege data. Otherwise, they are considered as unsafe instructions and thus not allowed to execute speculatively. To pursue a balance of performance and security, we investigate two filtering mechanisms, Cache-hit based Hazard Filter and Trusted Page Buffer based Hazard Filter to filter out false security hazards. As for true security hazards, we have two approaches to prevent them from changing cache states. One is to block all unsafe access, the other is to fetch them from lower-level caches or memory to a speculative buffer temporarily, and refill them after confirming that they are on the correct execution path. Our design philosophy is to speculatively execute safe instructions to maintain the performance benefits of out-of-order execution while delaying the cache updates for speculative execution of unsafe instructions for security consideration. We evaluate Conditional Speculation in terms of performance, security, and area. The experimental results show that the hardware overhead is marginal and the performance overhead is minimal.

show abstract

“…#PF, #GP, etc. ), we generate one attack variant for each of the following 23 value ranges for N a : {[1, 1], [2,2], [3,3], [4,4], [5,5], [6,6], [7,7], [8,8], [9,9], [10,10], [11,20], [21,30], [31,40], [41,50], [51,60] [10,001,100,000], [100,001, 1,000,000], [1,000,001, 2,000,000]}. In all attack variants, L a was chosen from 150K, 250K, 350K, 450K, 550K, 650K, 750K cycles.…”

Section: Exception-based Attack Variantsmentioning

confidence: 99%

“…), we generate one attack variant for each combination of N t , N a , L t , and L a . The values of N t and N a are sampled uniformly at random from the following 14 value ranges: [3,3], [4,4], [5,5], [6,6], [7,7], [8,8], [9,9], [10,10], [11,20], [21,30], [31,50], [51,100]}; The values of L t are chosen from {350, 450, 550, 650, 750} CPU cycles; and the values of L a are chosen from: {150K, 250K, 350K, 450K, 550K} CPU cycles. Therefore, in total 14 × 14 × 5 × 5 × 2 × 4 = 39, 200 attack variants were generated.…”

Section: Btb/pht Misprediction Variantsmentioning

confidence: 99%

Specularizer : Detecting Speculative Execution Attacks via Performance Tracing

Wang

Chen

Cheng³

et al. 2021

Detection of Intrusions and Malware, and Vulnerability Assessment

Self Cite

View full text Add to dashboard Cite

This paper presents Specularizer, a framework for uncovering speculative execution attacks using performance tracing features available in commodity processors. It is motivated by the practical difficulty of eradicating such vulnerabilities in the design of CPU hardware and operating systems and the principle of defense-in-depth. The key idea of Specularizer is the use of Hardware Performance Counters and Processor Trace to perform lightweight monitoring of production applications and the use of machine learning techniques for identifying the occurrence of the attacks during offline forensics analysis. Different from prior works that use performance counters to detect side-channel attacks, Specularizer monitors triggers of the critical paths of the speculative execution attacks, thus making the detection mechanisms robust to different choices of side channels used in the attacks. To evaluate Specularizer, we model all known types of exception-based and misprediction-based speculative execution attacks and automatically generate thousands of attack variants. Experimental results show that Specularizer yields superior detection accuracy and the online tracing of Specularizer incur reasonable overhead.

show abstract

SpecShield: Shielding Speculative Data from Microarchitectural Covert Channels

Cited by 55 publications

References 24 publications

Hunting the Haunter — Efficient Relational Symbolic Execution for Spectre with Haunted RelSE

Hunting the Haunter — Efficient Relational Symbolic Execution for Spectre with Haunted RelSE

Exploiting Security Dependence for Conditional Speculation Against Spectre Attacks

Specularizer : Detecting Speculative Execution Attacks via Performance Tracing

Contact Info

Product

Resources

About