SpectreGuard
- 2 June 2019
- conference paper
- conference paper
- Published by Association for Computing Machinery (ACM)
Abstract
Speculative execution is an essential performance enhancing technique in modern processors, but it has been shown to be insecure. In this paper, we propose SpectreGuard, a novel defense mechanism against Spectre attacks. In our approach, sensitive memory blocks (e.g., secret keys) are marked using simple OS/library API, which are then selectively protected by hardware from Spectre attacks via low-cost micro-architecture extension. This technique allows microprocessors to maintain high performance, while restoring the control to software developers to make security and performance trade-offs.Keywords
Funding Information
- National Security Agency (H98230-18-D-0009)
- National Science Foundation (CNS 1718880)
This publication has 9 references indexed in Scilit:
- NetSpectre: Read Arbitrary Memory over NetworkPublished by Springer Science and Business Media LLC ,2019
- SafeSpecPublished by Association for Computing Machinery (ACM) ,2019
- Spectre Attacks: Exploiting Speculative ExecutionPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2019
- ret2specPublished by Association for Computing Machinery (ACM) ,2018
- DAWG: A Defense Against Cache Timing Attacks in Speculative Execution ProcessorsPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2018
- KASLR is Dead: Long Live KASLRLecture Notes in Computer Science, 2017
- Last-Level Cache Side-Channel Attacks are PracticalPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2015
- The Security Impact of a New Cryptographic LibraryLecture Notes in Computer Science, 2012
- The gem5 simulatorACM SIGARCH Computer Architecture News, 2011