TY - JOUR
T1 - Creating Foundations for Secure Microarchitectures with Data-Oblivious ISA Extensions
AU - Yu, Jiyong
AU - Hsiung, Lucas
AU - Hajj, Mohamad El
AU - Fletcher, Christopher W.
N1 - Publisher Copyright:
© 1981-2012 IEEE.
PY - 2020/5/1
Y1 - 2020/5/1
N2 - It is not possible to write microarchitectural side channel-free code on commercial processors today. Even when we try, the resulting code is low performance. This article's goal is to lay an ISA-level foundation, called a Data-Oblivious ISA (OISA) extension, to address these problems. The key idea with an OISA is to explicitly but abstractly specify security policy, so that the policy can be decoupled from the microarchitecture and even the threat model. Analogous to a traditional ISA, this enables an OISA to serve as a portable security-centric abstraction for software while enabling security-aware implementation and optimization flexibility for hardware. The article starts by giving a deep-dive in OISA principles and formal definitions underpinning OISA security. We also provide a concrete OISA built on top of RISC-V, an implementation prototype on the RISC-V BOOM microarchitecture, a formal analysis and security argument, and finally extensive performance evaluation on a range of data-oblivious benchmarks.
AB - It is not possible to write microarchitectural side channel-free code on commercial processors today. Even when we try, the resulting code is low performance. This article's goal is to lay an ISA-level foundation, called a Data-Oblivious ISA (OISA) extension, to address these problems. The key idea with an OISA is to explicitly but abstractly specify security policy, so that the policy can be decoupled from the microarchitecture and even the threat model. Analogous to a traditional ISA, this enables an OISA to serve as a portable security-centric abstraction for software while enabling security-aware implementation and optimization flexibility for hardware. The article starts by giving a deep-dive in OISA principles and formal definitions underpinning OISA security. We also provide a concrete OISA built on top of RISC-V, an implementation prototype on the RISC-V BOOM microarchitecture, a formal analysis and security argument, and finally extensive performance evaluation on a range of data-oblivious benchmarks.
UR - http://www.scopus.com/inward/record.url?scp=85083003975&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85083003975&partnerID=8YFLogxK
U2 - 10.1109/MM.2020.2985366
DO - 10.1109/MM.2020.2985366
M3 - Article
AN - SCOPUS:85083003975
SN - 0272-1732
VL - 40
SP - 99
EP - 107
JO - IEEE Micro
JF - IEEE Micro
IS - 3
M1 - 9057402
ER -