Spectre attacks exploit control- and data-flow (mis)prediction on modern processors to transiently leak program secrets. Comprehensively mitigating Spectre leakage is hard, and doing so while preserving the program’s performance is even harder: no existing Spectre mitigations are widely deployed due to their high overhead or high complexity. We claim that a comprehensive, efficient, and low-complexity mitigation for Spectre attacks requires engaging in software-compiler-hardware co-design. In our talk, we will pitch such a co-designed Spectre mitigation that will be widely deployable at a low cost in security-critical applications. As a first step towards this goal, we have developed Serberus, a comprehensive and proven-correct Spectre mitigation for constant-time code that targets existing hardware. We are currently exploring lightweight hardware support to improve Serberus’ performance in other application domains.
Preferred Citation
Nicholas Mosier, Kate Eselius, Hamed Nemati, John Mitchell, Caroline Trippel. Hardware-Software Codesign for Mitigating Spectre. In: Workshop on Programming Languages for Architecture. 2023.
Primary Research Area
Threat Detection and Defenses
Name of Conference
Workshop on Programming Languages for Architecture
Legacy Posted Date
2023-08-29
Open Access Type
Repository
BibTeX
@inproceedings{cispa_all_4017,
author = {Nicholas Mosier AND Kate Eselius AND Hamed Nemati AND John Mitchell AND Caroline Trippel},
title = {Hardware-Software Codesign for Mitigating Spectre},
booktitle = {Workshop on Programming Languages for Architecture},
year = {2023}
}