Transcription of Spectre Attacks: Exploiting Speculative Execution
1 Spectre Attacks: Exploiting Speculative ExecutionPaul Kocher1, Jann Horn2, Anders Fogh3, Daniel Genkin4,Daniel Gruss5, Werner Haas6, Mike Hamburg7, Moritz Lipp5,Stefan Mangard5, Thomas Prescher6, Michael Schwarz5, Yuval Yarom81 Independent( ),2 Google Project Zero,3G DATA Advanced Analytics,4 University of Pennsylvania and University of Maryland,5 Graz University of Technology,6 Cyberus Technology,7 Rambus, Cryptography Research Division,8 University of Adelaide and Data61 Abstract Modern processors use branch prediction and spec-ulative Execution to maximize performance.
2 For example, if thedestination of a branch depends on a memory value that is in theprocess of being read, CPUs will try to guess the destination andattempt to execute ahead. When the memory value finally arrives,the CPU either discards or commits the Speculative logic is unfaithful in how it executes, can access thevictim s memory and registers, and can perform operations withmeasurable side attacks involve inducing a victim to speculativelyperform operations that would not occur during correct programexecution and which leak the victim s confidential information viaa side channel to the adversary.
3 This paper describes practicalattacks that combine methodology from side channel attacks,fault attacks, and return-oriented programming that can readarbitrary memory from the victim s process. More broadly, thepaper shows that Speculative Execution implementations violatethe security assumptions underpinning numerous software secu-rity mechanisms, including operating system process separation,containerization, just-in-time (JIT) compilation, and countermea-sures to cache timing and side-channel attacks. These attacksrepresent a serious threat to actual systems since vulnerablespeculative Execution capabilities are found in microprocessorsfrom Intel, AMD, and ARM that are used in billions of makeshift processor-specific countermeasures are possi-ble in some cases, sound solutions will require fixes to processordesigns as well as updates to instruction set architectures (ISAs)to give hardware architects and software developers a commonunderstanding as to what computation state CPU implementa-tions are (and are not)
4 Permitted to INTRODUCTIONC omputations performed by physical devices often leaveobservable side effects beyond the computation s nominaloutputs. Side-channel attacks focus on Exploiting these sideeffects to extract otherwise-unavailable secret their introduction in the late 90 s , many physicaleffects such as power consumption [41, 42], electromagneticradiation , or acoustic noise  have been leveraged toextract cryptographic keys as well as other side-channel attacks can also be used to extractsecret information from complex devices such as PCs andmobile phones [21, 22].
5 However, because these devicesoften execute code from a potentially unknown origin, theyface additional threats in the form of software-based attacks,which do not require external measurement equipment. Whilesome attacks exploit software vulnerabilities (such as bufferoverflows  or double-free errors ), other software attacksleverage hardware vulnerabilities to leak sensitive of the latter type include microarchitectural attacksexploiting cache timing [8, 30, 48, 52, 55, 69, 74], branchprediction history [1, 2], branch target buffers [14, 44] or openDRAM rows .
6 Software-based techniques have also beenused to mount fault attacks that alter physical memory  orinternal CPU values .Several microarchitectural design techniques have facilitatedthe increase in processor speed over the past decades. One suchadvancement is Speculative Execution , which is widely usedto increase performance and involves having the CPU guesslikely future Execution directions and prematurely executeinstructions on these paths. More specifically, consider anexample where the program s control flow depends on anuncached value located in external physical memory.
7 As thismemory is much slower than the CPU, it often takes severalhundred clock cycles before the value becomes known. Ratherthan wasting these cycles by idling, the CPU attempts to guessthe direction of control flow, saves a checkpoint of its registerstate, and proceeds to speculatively execute the program on theguessed path. When the value eventually arrives from memory,the CPU checks the correctness of its initial guess. If theguess was wrong, the CPU discards the incorrect speculativeexecution by reverting the register state back to the storedcheckpoint, resulting in performance comparable to , if the guess was correct, the Speculative executionresults are committed, yielding a significant performance gainas useful work was accomplished during the a security perspective, Speculative Execution involvesexecuting a program in possibly incorrect ways.
8 However,because CPUs are designed to maintain functional correctnessby reverting the results of incorrect Speculative executions totheir prior states, these errors were previously assumed to Our ResultsIn this paper, we analyze the security implications of suchincorrect Speculative Execution . We present a class of microar-chitectural attacks which we callSpectre attacks. At a highlevel, Spectre attacks trick the processor into speculativelyexecuting instruction sequences that should not have beenexecuted under correct program Execution .