Specfuscator: Evaluating Branch Removal as a Spectre Mitigation

conference contribution
posted on 2023-11-29, 18:15 authored by Martin Schwarzl, Claudio Canella, Daniel Gruss, Michael Schwarz
Attacks exploiting speculative execution, known as Spectre attacks, have gained substantial attention in the scientific community and in industry with a broad range of defense techniques proposed. In particular, in-software defenses for commodity systems attempt to leave the program structure as is, but defuse every potential Spectre gadget by, e.g., stopping the speculation, or limiting value ranges. While these mitigations disrupt the program flow on every conditional branch, they still contain every single conditional branch instruction. In this paper, we show that one dimension of Spectre mitigations has been overlooked entirely. We explore a novel principled Spectre mitigation that sits at the other end of the scale: the absence of conditional and indirect branches. Our mitigation is based on automatically linearizing the program flow through a special compiler pass, eliminating all conditional and indirect branches. We show that our Spectre mitigation has very clear security guarantees. We explore the feasibility of this unorthodox approach and evaluate its performance in comparison to the more conservative approaches presented so far. We observe that the performance overhead can be low, e.g., 5 %, for certain use cases, being on-par with state-of-the-art mitigations, but very high for other use cases, e.g., an overhead factor of 1000. Our results demonstrate the feasibility of Spectre defenses that eliminate branches and indicate good performance-security trade-offs for Spectre defenses can be achieved by sticking to neither of the extremes.

Preferred Citation

Martin Schwarzl, Claudio Canella, Daniel Gruss and Michael Schwarz. Specfuscator: Evaluating Branch Removal as a Spectre Mitigation. In: Financial Cryptography and Data Security (FC). 2021.

Primary Research Area

  • Threat Detection and Defenses

Name of Conference

Financial Cryptography and Data Security (FC)

Legacy Posted Date

2021-02-15

Open Access Type

  • Gold

BibTeX

@inproceedings{cispa_all_3359,
  title = "Specfuscator: Evaluating Branch Removal as a Spectre Mitigation",
  author = "Schwarzl, Martin and Canella, Claudio and Gruss, Daniel and Schwarz, Michael",
  booktitle = "{Financial Cryptography and Data Security (FC)}",
  year = "2021",
}