Stručni rad
SIDECHANNEL ATTACKS THAT EXPLOIT VULNERABILITIES OF ARCHITECTURES WITH SPECULATIVE EXECUTION
Želimir Mikulić
orcid.org/0000-0002-9936-0326
; Veleučilište u Šibeniku, Šibenik, Hrvatska
Sažetak
Concepts on which are founded recently discovered Spectre and Meltdown attacks have been described in this paper. Both attacks with their variants are addressing only hardware vulnerabilities and are not exploiting any software weakness which makes them operating system independent. Speculative execution is basic architectural concept of all modern processor designs on various levels. Principle according to which instruction, while executed in speculative mode or during outoforder execution, does not raise interrupt in case of memory permission access violation instantly, but only then instruction is retired, opens big enough time frame window, which enables information leaking through the sidechannel. Implementation of speculative and out-of-order execution logic, cache control, pipeline depth and other characteristics can influence performance and possibility of the sidechannel attack in the way that on certain microarchitectures some variants of the attack were not currently reproducible, but potential threat from attack code optimization and discovery of the new exploitable covert channels stays.
Ključne riječi
sidechannell attack; speculative execution; computer architecture; privileged memory
Hrčak ID:
198596
URI
Datum izdavanja:
13.4.2018.
Posjeta: 871 *