Speculative Privacy Tracking (SPT): Leaking information from speculative execution without compromising privacy

Rutvik Choudhary, Jiyong Yu, Christopher W. Fletcher, Adam Morrison

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Speculative execution attacks put a dangerous new twist on information leakage through microarchitectural side channels. Ordinarily, programmers can reason about leakage based on the program's semantics, and prevent said leakage by carefully writing the program to not pass secrets to covert channel-creating "transmitter"instructions, such as branches and loads. Speculative execution breaks this defense, because a transmitter might mis-speculatively execute with a secret operand even if it can never execute with said operand in valid executions. This paper proposes a new security definition that enables hardware to provide comprehensive, low-overhead and transparent-tosoftware protection against these attacks. The key idea is that it is safe to speculatively execute a transmitter without any protection if its operands were already leaked by the non-speculative execution. Based on this definition we design Speculative Privacy Tracking (SPT), a hardware protection that delays execution of every transmitter until it can prove that the transmitter's operands leak during the program's non-speculative execution. Using a novel dynamic information flow analysis microarchitecture, SPT efficiently proves when such an operand declassification implies that other data becomes declassified, which enables other delayed transmitters to be executed safely. We evaluate SPT on SPEC2017 and constant-time code benchmarks, and find that it adds only 45%/11% overhead on average (depending on the attack model) relative to an insecure processor. Compared to a secure baseline with the same protection scope, SPT reduces overhead by an average 3.6×/3×.

Original languageEnglish (US)
Title of host publicationMICRO 2021 - 54th Annual IEEE/ACM International Symposium on Microarchitecture, Proceedings
PublisherIEEE Computer Society
Pages607-622
Number of pages16
ISBN (Electronic)9781450385572
DOIs
StatePublished - Oct 18 2021
Externally publishedYes
Event54th Annual IEEE/ACM International Symposium on Microarchitecture, MICRO 2021 - Virtual, Online, Greece
Duration: Oct 18 2021Oct 22 2021

Publication series

NameProceedings of the Annual International Symposium on Microarchitecture, MICRO
ISSN (Print)1072-4451

Conference

Conference54th Annual IEEE/ACM International Symposium on Microarchitecture, MICRO 2021
Country/TerritoryGreece
CityVirtual, Online
Period10/18/2110/22/21

ASJC Scopus subject areas

  • Hardware and Architecture

Fingerprint

Dive into the research topics of 'Speculative Privacy Tracking (SPT): Leaking information from speculative execution without compromising privacy'. Together they form a unique fingerprint.

Cite this