Do Not Predict – Recompute! How Value Recomputation Can Truly Boost the Performance of Invisible Speculation
- 1 September 2021
- conference paper
- conference paper
- Published by Institute of Electrical and Electronics Engineers (IEEE) in 2021 International Symposium on Secure and Private Execution Environment Design (SEED)
Abstract
Recent architectural approaches that address speculative side-channel attacks aim to prevent software from exposing the microarchitectural state changes of transient execution. The Delay-on-Miss technique is one such approach, which simply delays loads that miss in the L1 cache until they become non-speculative, resulting in no transient changes in the memory hierarchy. However, this costs performance, prompting the use of value prediction (VP) to regain some of the delay.However, the problem cannot be solved by simply introducing a new kind of speculation (value prediction). Value-predicted loads have to be validated, which cannot be commenced until the load becomes non-speculative. Thus, value-predicted loads occupy the same amount of precious core resources (e.g., reorder buffer entries) as Delay-on-Miss. The end result is that VP only yields marginal benefits over Delay-on-Miss.In this paper, our insight is that we can achieve the same goal as VP (increasing performance by providing the value of loads that miss) without incurring its negative side-effect (delaying the release of precious resources), if we can safely, non-speculatively, recompute a value in isolation (without being seen from the outside), so that we do not expose any information by transferring such a value via the memory hierarchy. Value Recomputation, which trades computation for data transfer was previously proposed in an entirely different context: to reduce energy-expensive data transfers in the memory hierarchy. In this paper, we demonstrate the potential of value recomputation in relation to the Delay-on-Miss approach of hiding speculation, discuss the trade-offs, and show that we can achieve the same level of security, reaching 93% of the unsecured baseline performance (5% higher than Delay-on-miss), and exceeding (by 3%) what even an oracular (100% accuracy and coverage) value predictor could do.Keywords
Funding Information
- European Commission
This publication has 38 references indexed in Scilit:
- Cross Processor Cache AttacksPublished by Association for Computing Machinery (ACM) ,2016
- The load slice core microarchitecturePublished by Association for Computing Machinery (ACM) ,2015
- CallbackPublished by Association for Computing Machinery (ACM) ,2015
- Last-Level Cache Side-Channel Attacks are PracticalPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2015
- CACTI-P: Architecture-level modeling for SRAM-based structures with advanced leakage reduction techniquesPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2011
- The gem5 simulatorACM SIGARCH Computer Architecture News, 2011
- PinPublished by Association for Computing Machinery (ACM) ,2005
- Studying Storage-Recomputation Tradeoffs in Memory-Constrained Embedded ProcessingPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2005
- Continual flow pipelines: achieving resource-efficient latency toleranceIEEE Micro, 2004
- Dynamic instruction reusePublished by Association for Computing Machinery (ACM) ,1997