Proceedings 2020 Network and Distributed System Security Symposium 2020
DOI: 10.14722/ndss.2020.24271
|View full text |Cite
|
Sign up to set email alerts
|

ConTExT: A Generic Approach for Mitigating Spectre

Abstract: Out-of-order execution and speculative execution are among the biggest contributors to performance and efficiency of modern processors. However, they are inconsiderate, leaking secret data during the transient execution of instructions. Many solutions and hardware fixes have been proposed for mitigating transient-execution attacks. However, they either do not eliminate the leakage entirely or introduce unacceptable performance penalties. In this paper, we propose ConTExT, a Considerate Transient Execution Tech… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
2
1

Citation Types

1
32
0

Year Published

2020
2020
2023
2023

Publication Types

Select...
5
2
2

Relationship

0
9

Authors

Journals

citations
Cited by 52 publications
(33 citation statements)
references
References 39 publications
1
32
0
Order By: Relevance
“…With additional hardware changes, those techniques fundamentally mitigate microarchitectural attacks by isolating execution results of transient instructions until they commit [53]- [55] or by prohibiting transient executions within predefined secure domain [56].…”
Section: A Hardware-based Mitigationmentioning
confidence: 99%
“…With additional hardware changes, those techniques fundamentally mitigate microarchitectural attacks by isolating execution results of transient instructions until they commit [53]- [55] or by prohibiting transient executions within predefined secure domain [56].…”
Section: A Hardware-based Mitigationmentioning
confidence: 99%
“…For instance, page table isolation (e.g., KPTI of Linux) PTE inversion, and L1d flush [5], compilerbased mitigation [12,23,30,40] provides generic solutions for exception-based and misprediction-based speculative execution attacks. SPECCFI [24], ConTExT [36] mitigates a specific type of speculative attack. Furthermore, many works focus on detecting the code gadget of speculative execution attacks [13,18,20,28,33,47].…”
Section: Related Workmentioning
confidence: 99%
“…OISA [71] ensures that the accesses to sensitive data must use special instructions from a customized instruction subset, and these instructions cannot be executed out of order. ConTExT [49] marks the protected memory pages and registers to prevent their data from being obtained in the out-of-order execution state. Comparing with these defenses, SPECBOX can protect all the secret data from Spectre attacks instead of the special data assigned by software.…”
Section: Related Workmentioning
confidence: 99%