CISPA
Browse

Exorcising Spectres with Secure Compilers

Download (506.05 kB)
conference contribution
posted on 2023-11-29, 18:23 authored by Marco Vassena, Marco Patrignani
Attackers can access sensitive information of programs by exploiting the side-effects of speculatively-executed instructions using Spectre attacks. To mitigate theses attacks, popular compilers deployed a wide range of countermeasures. The security of these countermeasures, however, has not been ascertained: while some of them are believed to be secure, others are known to be insecure and result in vulnerable programs. To reason about the security guarantees of these compiler-inserted countermeasures, this paper presents a framework comprising several secure compilation criteria characterizing when compilers produce code resistant against Spectre attacks. With this framework, we perform a comprehensive security analysis of compiler-level countermeasures against Spectre attacks implemented in major compilers. This work provides sound foundations to formally reason about the security of compiler-level countermeasures against Spectre attacks as well as the first proofs of security and insecurity of said countermeasures.

History

Preferred Citation

Marco Vassena and Marco Patrignani. Exorcising Spectres with Secure Compilers. In: ACM Conference on Computer and Communications Security (CCS). 2020.

Primary Research Area

  • Reliable Security Guarantees

Name of Conference

ACM Conference on Computer and Communications Security (CCS)

Legacy Posted Date

2020-12-14

Book Title

CCS '21: Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security

Page Range

445-461

Open Access Type

  • Green

BibTeX

@inproceedings{cispa_all_3327, title = "Exorcising Spectres with Secure Compilers", author = "Vassena, Marco and Patrignani, Marco", booktitle="{ACM Conference on Computer and Communications Security (CCS)}", year="2020", }

Usage metrics

    Categories

    No categories selected

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC