TY - GEN
T1 - All Your PC Are Belong to Us
T2 - 50th Annual International Symposium on Computer Architecture, ISCA 2023
AU - Yu, Jiyong
AU - Jaeger, Trent
AU - Fletcher, Christopher W.
N1 - This work was funded by NSF under grants CNS-1942888, CNS-1954521, and CNS-1801534. We would like to thank the anonymous shepherd and reviewers for their insightful comments during the review process, which helped to significantly strengthen the paper.
PY - 2023/6/17
Y1 - 2023/6/17
N2 - Leaking a program’s instruction address (PC) pattern, completely and precisely, has long been a sought-after capability for microarchitectural side-channel attackers. Case in point, such a primitive would be sufficient to construct powerful control-flow leakage attacks (inferring program secrets impacting control flow) that defeat existing control-flow leakage mitigations, or even reverse-engineer private binaries through PC-trace granular fingerprinting. However, current side-channel attack techniques only capture PCs at a coarse granularity or for only specific instruction types. In this paper, we propose the first micro-architectural side-channel attack that is capable of directly observing the exact PCs of arbitrary victim dynamic instructions—i.e., even the PCs of non-control-transfer instructions and even if the program code is private. Our attack exploits several previously overlooked characteristics in modern Intel Branch Target Buffers (BTBs). The core observation is perhaps counter-intuitive: despite being a structure related to control-flow prediction, the BTB incurs observable state changes after the execution of potentially any instruction, not just control-transfer instructions. Through reverse-engineering and analyzing said BTB vulnerabilities, we design and implement an attack framework named NightVision. We demonstrate how NightVision is capable of efficiently and accurately identifying a subset, or the entirety, of a victim program’s dynamic PC trace (depending on the attacker’s capabilities). We show how NightVision enables a new control-flow attack that bypasses prior defenses. Additionally, we show that when combined with code fingerprinting techniques, NightVision enables reverse-engineering of private programs.
AB - Leaking a program’s instruction address (PC) pattern, completely and precisely, has long been a sought-after capability for microarchitectural side-channel attackers. Case in point, such a primitive would be sufficient to construct powerful control-flow leakage attacks (inferring program secrets impacting control flow) that defeat existing control-flow leakage mitigations, or even reverse-engineer private binaries through PC-trace granular fingerprinting. However, current side-channel attack techniques only capture PCs at a coarse granularity or for only specific instruction types. In this paper, we propose the first micro-architectural side-channel attack that is capable of directly observing the exact PCs of arbitrary victim dynamic instructions—i.e., even the PCs of non-control-transfer instructions and even if the program code is private. Our attack exploits several previously overlooked characteristics in modern Intel Branch Target Buffers (BTBs). The core observation is perhaps counter-intuitive: despite being a structure related to control-flow prediction, the BTB incurs observable state changes after the execution of potentially any instruction, not just control-transfer instructions. Through reverse-engineering and analyzing said BTB vulnerabilities, we design and implement an attack framework named NightVision. We demonstrate how NightVision is capable of efficiently and accurately identifying a subset, or the entirety, of a victim program’s dynamic PC trace (depending on the attacker’s capabilities). We show how NightVision enables a new control-flow attack that bypasses prior defenses. Additionally, we show that when combined with code fingerprinting techniques, NightVision enables reverse-engineering of private programs.
KW - Branch Target Buffer
KW - Intel SGX
KW - Side-channel attack
KW - code privacy
KW - function fingerprinting
KW - hardware security
UR - http://www.scopus.com/inward/record.url?scp=85168876013&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85168876013&partnerID=8YFLogxK
U2 - 10.1145/3579371.3589100
DO - 10.1145/3579371.3589100
M3 - Conference contribution
AN - SCOPUS:85168876013
T3 - Proceedings - International Symposium on Computer Architecture
SP - 910
EP - 923
BT - ISCA 2023 - Proceedings of the 2023 50th Annual International Symposium on Computer Architecture
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 17 June 2023 through 21 June 2023
ER -