Computer Engineering Seminar

SafeBet: A Simple, Secure and Fast Solution for Spectre and Meltdown

T. N. VijaykumarProfessor of Electrical and Computer EngineeringElmore Family School of Electrical and Computer Engineering, Purdue University
WHERE:
Remote/Virtual
WHEN:
Wednesday, May 17, 2023 @ 2:30 pm - 3:30 pm
This event is free and open to the publicAdd to Google Calendar
SHARE:
""

Zoom link for virtual event: https://umich.zoom.us/j/97147752520

Spectre and Meltdown attacks exploit microprocessor speculative execution to read and transmit forbidden data outside the attacker’s trust domain and sandbox. Recent hardware schemes allow potentially-unsafe speculative accesses but prevent the secret’s transmission by delaying all or many of the access-dependent instructions, even in the predominantly-common, no-attack case, which incurs performance loss and hardware complexity. Instead, we propose SafeBet which allows only, and in the common case does not delay most, safe accesses. We make the key observation that speculatively accessing a location is safe if the location has been accessed previously non-speculatively by the same trust domain (i.e., the location is within the domain’s sandbox); and potentially unsafe, otherwise. We call the location as destination and the code memory region of the trust domain as the source. SafeBet employs the Speculative Memory Access Control Table (SMACT) to track non-speculative source address-destination address pairs. Disallowed accesses wait until reaching commit to trigger well-known replay without any intrusive hardware changes. SafeBet prevents all variants of Spectre and Meltdown except Lazy-FP-restore, based on any current or future side channel while using only simple, table-based access control and cache miss replay with virtually no change to the pipeline. Software simulations show that SafeBet uses 8.3 KB per core for the tables to perform within 6% on average (63% at worst) of the unsafe baseline behind which NDA-restrictive, a previous scheme of security and hardware complexity comparable to SafeBet’s, lags by 83% on average.

This work has been done in collaboration with Prof. Mithuna Thottethodi, and our graduate students Conor Green and Cole Nelson.

T. N. Vijaykumar is Professor of Elmore Family School of Electrical and Computer Engineering at Purdue University. His research interests are in computer architecture, accelerators for machine learning, secure microarchitectures, and datacenter network interfaces and routers.