GhostMinion: A Strictness-Ordered Cache System for Spectre Mitigation

Sam Ainsworth

GhostMinion: A Strictness-Ordered Cache System for Spectre Mitigation

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Out-of-order speculation, a technique ubiquitous since the early 1990s, remains a fundamental security flaw. Via attacks such as Spectre and Meltdown, an attacker can trick a victim, in an otherwise entirely correct program, into leaking its secrets through the effects of misspeculated execution, in a way that is entirely invisible to the programmer’s model. This has serious implications for application sandboxing and inter-process communication.

Designing efficient mitigations that preserve the performance of out-of-order execution has been a challenge. The speculation-hiding techniques in the literature have been shown to not close such channels comprehensively, allowing adversaries to redesign attacks. Strong, precise guarantees are necessary, but mitigations must achieve high performance to be adopted. We present Strictness Ordering, a new constraint system that shows how we can comprehensively eliminate transient side channel attacks, while still allowing complex speculation and data forwarding between speculative instructions. We then present GhostMinion, a cache modification built using a variety of new techniques designed to provide Strictness Order at only 2.5% overhead.

Original language	English
Title of host publication	Proceedings of the 54th Annual IEEE/ACM International Symposium on Microarchitecture (MICRO '54)
Publisher	ACM Association for Computing Machinery
Number of pages	13
Publication status	Accepted/In press - 14 Jul 2021
Event	54th IEEE/ACM International Symposium on Microarchitecture - Online, Athens, Greece Duration: 18 Oct 2021 → 22 Oct 2022 https://www.microarch.org/micro54/index.php

Conference

Conference	54th IEEE/ACM International Symposium on Microarchitecture
Abbreviated title	MICRO 2021
Country/Territory	Greece
City	Athens
Period	18/10/21 → 22/10/22
Internet address	https://www.microarch.org/micro54/index.php

Access to Document

GhostMinion_AINSWORTH_DOA14072021_AFVAccepted author manuscript, 532 KBLicence: All Rights Reserved

1 Active

Dijkstra's Pipe: Timing-Secure Processors by Design
Nagarajan, V., Ainsworth, S., Aspinall, D. & Grosser, T.
EPSRC
1/07/21 → 30/06/24
Project: Research

Cite this

@inproceedings{9aa9d308a0d74f4aa4395d8598a6beef,

title = "GhostMinion: A Strictness-Ordered Cache System for Spectre Mitigation",

abstract = "Out-of-order speculation, a technique ubiquitous since the early 1990s, remains a fundamental security flaw. Via attacks such as Spectre and Meltdown, an attacker can trick a victim, in an otherwise entirely correct program, into leaking its secrets through the effects of misspeculated execution, in a way that is entirely invisible to the programmer{\textquoteright}s model. This has serious implications for application sandboxing and inter-process communication.Designing efficient mitigations that preserve the performance of out-of-order execution has been a challenge. The speculation-hiding techniques in the literature have been shown to not close such channels comprehensively, allowing adversaries to redesign attacks. Strong, precise guarantees are necessary, but mitigations must achieve high performance to be adopted. We present Strictness Ordering, a new constraint system that shows how we can comprehensively eliminate transient side channel attacks, while still allowing complex speculation and data forwarding between speculative instructions. We then present GhostMinion, a cache modification built using a variety of new techniques designed to provide Strictness Order at only 2.5% overhead.",

author = "Sam Ainsworth",

year = "2021",

month = jul,

day = "14",

language = "English",

booktitle = "Proceedings of the 54th Annual IEEE/ACM International Symposium on Microarchitecture (MICRO '54)",

publisher = "ACM Association for Computing Machinery",

note = "54th IEEE/ACM International Symposium on Microarchitecture, MICRO 2021 ; Conference date: 18-10-2021 Through 22-10-2022",

url = "https://www.microarch.org/micro54/index.php",

}

TY - GEN

T1 - GhostMinion: A Strictness-Ordered Cache System for Spectre Mitigation

AU - Ainsworth, Sam

PY - 2021/7/14

Y1 - 2021/7/14

N2 - Out-of-order speculation, a technique ubiquitous since the early 1990s, remains a fundamental security flaw. Via attacks such as Spectre and Meltdown, an attacker can trick a victim, in an otherwise entirely correct program, into leaking its secrets through the effects of misspeculated execution, in a way that is entirely invisible to the programmer’s model. This has serious implications for application sandboxing and inter-process communication.Designing efficient mitigations that preserve the performance of out-of-order execution has been a challenge. The speculation-hiding techniques in the literature have been shown to not close such channels comprehensively, allowing adversaries to redesign attacks. Strong, precise guarantees are necessary, but mitigations must achieve high performance to be adopted. We present Strictness Ordering, a new constraint system that shows how we can comprehensively eliminate transient side channel attacks, while still allowing complex speculation and data forwarding between speculative instructions. We then present GhostMinion, a cache modification built using a variety of new techniques designed to provide Strictness Order at only 2.5% overhead.

AB - Out-of-order speculation, a technique ubiquitous since the early 1990s, remains a fundamental security flaw. Via attacks such as Spectre and Meltdown, an attacker can trick a victim, in an otherwise entirely correct program, into leaking its secrets through the effects of misspeculated execution, in a way that is entirely invisible to the programmer’s model. This has serious implications for application sandboxing and inter-process communication.Designing efficient mitigations that preserve the performance of out-of-order execution has been a challenge. The speculation-hiding techniques in the literature have been shown to not close such channels comprehensively, allowing adversaries to redesign attacks. Strong, precise guarantees are necessary, but mitigations must achieve high performance to be adopted. We present Strictness Ordering, a new constraint system that shows how we can comprehensively eliminate transient side channel attacks, while still allowing complex speculation and data forwarding between speculative instructions. We then present GhostMinion, a cache modification built using a variety of new techniques designed to provide Strictness Order at only 2.5% overhead.

M3 - Conference contribution

BT - Proceedings of the 54th Annual IEEE/ACM International Symposium on Microarchitecture (MICRO '54)

PB - ACM Association for Computing Machinery

T2 - 54th IEEE/ACM International Symposium on Microarchitecture

Y2 - 18 October 2021 through 22 October 2022

ER -

GhostMinion: A Strictness-Ordered Cache System for Spectre Mitigation

Abstract

Conference

Access to Document

Fingerprint

Projects

Dijkstra's Pipe: Timing-Secure Processors by Design

Cite this