2019 28th International Conference on Parallel Architectures and Compilation Techniques (PACT) 2019
DOI: 10.1109/pact.2019.00020
|View full text |Cite
|
Sign up to set email alerts
|

SpecShield: Shielding Speculative Data from Microarchitectural Covert Channels

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1
1
1
1

Citation Types

0
57
0

Year Published

2021
2021
2024
2024

Publication Types

Select...
3
3
1

Relationship

1
6

Authors

Journals

citations
Cited by 60 publications
(57 citation statements)
references
References 24 publications
0
57
0
Order By: Relevance
“…Explicit RelSE forks into four paths after the conditional branch at line 3, two of them jumping on the loop at line 4. Then, each time the condition of the loop is evaluated, Explicit RelSE forks again into four paths 6 . In total, 390 additional transient paths are explored (Table VI).…”
Section: Appendixmentioning
confidence: 99%
See 1 more Smart Citation
“…Explicit RelSE forks into four paths after the conditional branch at line 3, two of them jumping on the loop at line 4. Then, each time the condition of the loop is evaluated, Explicit RelSE forks again into four paths 6 . In total, 390 additional transient paths are explored (Table VI).…”
Section: Appendixmentioning
confidence: 99%
“…This behavior is exploited in Spectre attacks [1] which were made public in early 2018. Since then, Spectre attacks have drawn considerable attention from both industry and academy, with works that discovered new Spectre variants [2], new detection methods [3]- [5], and new countermesures [6]- [8]. To date, there are four known main variants of Spectre attacks [2].…”
Section: Introductionmentioning
confidence: 99%
“…researchers pointed out that transient execution attacks require transferring secrets from the speculative domain into the architectural states of the processor no matter what kind of side channel is used to disclose sensitive information. Thus NDA [51], SpecShield [52], and STT [53] are proposed to break this requirement. These mechanisms assume that secrets need to be propagated speculatively at least once before information is leaked to a side channel.…”
Section: Related Workmentioning
confidence: 99%
“…#PF, #GP, etc. ), we generate one attack variant for each of the following 23 value ranges for N a : {[1, 1], [2,2], [3,3], [4,4], [5,5], [6,6], [7,7], [8,8], [9,9], [10,10], [11,20], [21,30], [31,40], [41,50], [51,60] [10,001,100,000], [100,001, 1,000,000], [1,000,001, 2,000,000]}. In all attack variants, L a was chosen from 150K, 250K, 350K, 450K, 550K, 650K, 750K cycles.…”
Section: Exception-based Attack Variantsmentioning
confidence: 99%
“…), we generate one attack variant for each combination of N t , N a , L t , and L a . The values of N t and N a are sampled uniformly at random from the following 14 value ranges: [3,3], [4,4], [5,5], [6,6], [7,7], [8,8], [9,9], [10,10], [11,20], [21,30], [31,50], [51,100]}; The values of L t are chosen from {350, 450, 550, 650, 750} CPU cycles; and the values of L a are chosen from: {150K, 250K, 350K, 450K, 550K} CPU cycles. Therefore, in total 14 × 14 × 5 × 5 × 2 × 4 = 39, 200 attack variants were generated.…”
Section: Btb/pht Misprediction Variantsmentioning
confidence: 99%