SoK: Analysis of Root Causes and Defense Strategies for Attacks on Microarchitectural Optimizations
Paper in proceeding, 2023

Microarchitectural optimizations are expected to play a crucial role in ensuring performance scalability in the post-Moore era. However, recent attacks have demonstrated that these optimizations, which were assumed to be secure, can be exploited. Moreover, new attacks surface at a rapid pace limiting the scope of existing defenses. These developments prompt the need to review microarchitectural optimizations with an emphasis on security, so as to understand the attack landscape and the potential defense strategies.We provide a framework to analyze attacks on a wide range of microarchitectural optimizations and use that to systematize both transient and non-transient attacks and defenses, while highlighting the similarities and differences. We identify four root causes of timing-based side-channel attacks: determinism, sharing, access violation and information flow, through our systematic analysis. Leveraging our framework, we systematize existing defenses and show that they target these root causes in the different attack steps. We believe that our framework can assist in understanding the attack and defense landscape and provide guidance for designing secure microarchitectural optimizations.

Side channels

Root causes

Author

Nadja Holtryd

Chalmers, Computer Science and Engineering (Chalmers), Computer Engineering (Chalmers)

Madhavan Manivannan

Chalmers, Computer Science and Engineering (Chalmers), Computer Engineering (Chalmers)

Per Stenström

Chalmers, Computer Science and Engineering (Chalmers), Computer and Network Systems

Proceedings - 8th IEEE European Symposium on Security and Privacy, Euro S and P 2023

631-650
9781665465120 (ISBN)

8th IEEE European Symposium on Security and Privacy, Euro S and P 2023
Delft, Netherlands,

PRIME: Principled Designs of Processing-in-Memory Parallel Systems

Swedish Research Council (VR) (2019-04929), 2019-12-01 -- 2023-11-30.

Subject Categories

Computer Science

DOI

10.1109/EuroSP57164.2023.00044

More information

Latest update

9/1/2023 7