Understanding Selective Delay as a Method for Efficient Secure Speculative Execution

Abstract: Since the introduction of Meltdown and Spectre, the research community has been tirelessly working on speculative side-channel attacks and on how to shield computer systems from them. To ensure that a system is protected not only from all the currently known attacks but also from future, yet to be discovered, attacks, the solutions developed need to be general in nature, covering a wide array of system components, while at the same time keeping the performance, energy, area, and implementation complexity costs… Show more

“…In the most naïve approach, we can consider handles to be safe when they reach the head of the ROB and are retired, but this is awfully pessimistic. Instead, we draw from the existing research on speculative execution [3,6,[37][38][39]50,56] and consider handles as safe when they can no longer cause squashing, regardless of their position in the ROB. Specifically, we have adopted the approach of using speculative shadows by Sakalis et al [37][38][39], a mechanism for detecting the earliest point at which an instruction is no longer speculative.…”

“…Instead, we draw from the existing research on speculative execution [3,6,[37][38][39]50,56] and consider handles as safe when they can no longer cause squashing, regardless of their position in the ROB. Specifically, we have adopted the approach of using speculative shadows by Sakalis et al [37][38][39], a mechanism for detecting the earliest point at which an instruction is no longer speculative. While these shadows are designed to work with speculative side-channel defences, which do not necessarily work against microarchitectural replay attacks (Section 7), the underlying principle can still be used.…”

“…However, the amount of misspeculation in the application is not the only parameter that affects its performance with the perfect filter, instead the applications sensitivity to instruction and memory level parallelism (ILP and MLP) is also important. Restricting the speculative execution of an application which relies on ILP and MLP to achieve high performance can lead to more severe performance penalties, when compared with an application that does not rely on either [37].…”

“…For example, stateof-the-art defences that block the transmission of speculative accessed data to potential side-channel instructions, such as NDA [48], STT [52,53], and others [4,5,13,26], are ineffective in this context, because, under microarchitectural replay, the side-channel instructions may actually be in the correct path of execution and can also be fed with non-speculative data. At the same time, other defences that are restricted on data dependencies, such as InvisiSpec [50], Delay-on-Miss [37,39], and many others [1,19,20,22,36,38,43], only focus on specific side-channels, under the assumption that not all side-channels can be exploited as easily. However, the effectiveness of microarchitectural replay attacks comes precisely from the fact that they can be used to amplify and successfully mount hard to exploit attacks, also making these speculative side-channel defences unfit for our purposes.…”

“…Speculative side-channel defences that track the data dependencies of side-channel instructions, such as NDA [48], STT [52,53], and others [4,5,13,26], do not work in this context, because the side-channel instructions may actually be in the correct path of execution and can also be fed with non-speculative data coming from before the point of misspeculation that is used for replay. Broader defences (not restricted to data dependencies) that could work in such a case, e.g., InvisiSpec [50], Delay-on-Miss [37,39], and many others [1,19,20,22,36,38,43], not only focus on a small subset of side-channels but also incur much heavier penalties. Our goal is to propose a highly-efficient new defence to effectively prevent replay attacks with minimum performance cost and hardware overhead.…”

Selectively Delaying Instructions to Prevent Microarchitectural Replay Attacks

“…In the most naïve approach, we can consider handles to be safe when they reach the head of the ROB and are retired, but this is awfully pessimistic. Instead, we draw from the existing research on speculative execution [3,6,[37][38][39]50,56] and consider handles as safe when they can no longer cause squashing, regardless of their position in the ROB. Specifically, we have adopted the approach of using speculative shadows by Sakalis et al [37][38][39], a mechanism for detecting the earliest point at which an instruction is no longer speculative.…”

“…Instead, we draw from the existing research on speculative execution [3,6,[37][38][39]50,56] and consider handles as safe when they can no longer cause squashing, regardless of their position in the ROB. Specifically, we have adopted the approach of using speculative shadows by Sakalis et al [37][38][39], a mechanism for detecting the earliest point at which an instruction is no longer speculative. While these shadows are designed to work with speculative side-channel defences, which do not necessarily work against microarchitectural replay attacks (Section 7), the underlying principle can still be used.…”

“…However, the amount of misspeculation in the application is not the only parameter that affects its performance with the perfect filter, instead the applications sensitivity to instruction and memory level parallelism (ILP and MLP) is also important. Restricting the speculative execution of an application which relies on ILP and MLP to achieve high performance can lead to more severe performance penalties, when compared with an application that does not rely on either [37].…”

“…For example, stateof-the-art defences that block the transmission of speculative accessed data to potential side-channel instructions, such as NDA [48], STT [52,53], and others [4,5,13,26], are ineffective in this context, because, under microarchitectural replay, the side-channel instructions may actually be in the correct path of execution and can also be fed with non-speculative data. At the same time, other defences that are restricted on data dependencies, such as InvisiSpec [50], Delay-on-Miss [37,39], and many others [1,19,20,22,36,38,43], only focus on specific side-channels, under the assumption that not all side-channels can be exploited as easily. However, the effectiveness of microarchitectural replay attacks comes precisely from the fact that they can be used to amplify and successfully mount hard to exploit attacks, also making these speculative side-channel defences unfit for our purposes.…”

“…Speculative side-channel defences that track the data dependencies of side-channel instructions, such as NDA [48], STT [52,53], and others [4,5,13,26], do not work in this context, because the side-channel instructions may actually be in the correct path of execution and can also be fed with non-speculative data coming from before the point of misspeculation that is used for replay. Broader defences (not restricted to data dependencies) that could work in such a case, e.g., InvisiSpec [50], Delay-on-Miss [37,39], and many others [1,19,20,22,36,38,43], not only focus on a small subset of side-channels but also incur much heavier penalties. Our goal is to propose a highly-efficient new defence to effectively prevent replay attacks with minimum performance cost and hardware overhead.…”

Selectively Delaying Instructions to Prevent Microarchitectural Replay Attacks

Security Computer Database Updating System Based on Deep Learning Algorithm

I See Dead µops: Leaking Secrets via Intel/AMD Micro-Op Caches