SafeBet: Secure, Simple, and Fast Speculative Execution
Conor Green, Cole Nelson, Mithuna Thottethodi, and T. N. Vijaykumar

TL;DR
SafeBet is a hardware scheme that enables secure speculative execution by allowing only safe accesses without delays, significantly improving performance while preventing Spectre-style attacks.
Contribution
SafeBet introduces a novel trust domain-based tracking mechanism (SMACT) to enable secure, high-performance speculative execution without extensive hardware modifications.
Findings
SafeBet achieves within 6% of unsafe baseline performance.
Uses an 8.3 KB SMACT per core for tracking trust domain accesses.
Outperforms previous NDA-restrictive schemes by 83% in efficiency.
Abstract
Spectre attacks exploit microprocessor speculative execution to read and transmit forbidden data outside the attacker's trust domain and sandbox. Recent hardware schemes allow potentially-unsafe speculative accesses but prevent the secret's transmission by delaying most access-dependent instructions even in the predominantly-common, no-attack case, which incurs performance loss and hardware complexity. Instead, we propose SafeBet which allows only, and does not delay most, safe accesses, achieving both security and high performance. SafeBet is based on the key observation that speculatively accessing a destination location is safe if the location's access by the same static trust domain has been committed previously; and potentially unsafe, otherwise. We extend this observation to handle inter trust-domain code and data interactions. SafeBet employs the Speculative Memory Access Control…
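The key observation in the abstract, written out as an added C sketch; it is not the authors' code and does not describe the SafeBet hardware. The table layout, its capacity, the per-address granularity, the domain ids and the addresses are all assumptions made for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Toy software model (assumption): one entry per (trust domain, location). */
#define SMACT_CAP 64
typedef struct { uint32_t domain; uintptr_t loc; } smact_pair;
typedef struct { smact_pair e[SMACT_CAP]; size_t n; } smact;
typedef enum { PROCEED, DELAY } decision;

static bool smact_has(const smact *t, uint32_t domain, uintptr_t loc) {
    for (size_t i = 0; i < t->n; i++)
        if (t->e[i].domain == domain && t->e[i].loc == loc) return true;
    return false;
}

/* Record an access only once it has committed (is no longer speculative). */
static void smact_commit(smact *t, uint32_t domain, uintptr_t loc) {
    /* In this model a full table drops the entry, so a later access is delayed. */
    if (!smact_has(t, domain, loc) && t->n < SMACT_CAP)
        t->e[t->n++] = (smact_pair){ domain, loc };
}

/* A speculative access proceeds only if the same domain already committed an
   access to that location; otherwise it waits until it is non-speculative. */
static decision smact_speculative(const smact *t, uint32_t domain, uintptr_t loc) {
    return smact_has(t, domain, loc) ? PROCEED : DELAY;
}

enum { SANDBOX = 1, HOST = 2 };          /* constructed trust-domain ids */
#define ARRAY_BASE ((uintptr_t)0x1000)   /* constructed addresses */
#define SECRET     ((uintptr_t)0x2000)

/* Constructed history: sandbox committed array[0..15], host committed the secret. */
static void warm_up(smact *t) {
    for (uintptr_t i = 0; i < 16; i++) smact_commit(t, SANDBOX, ARRAY_BASE + i);
    smact_commit(t, HOST, SECRET);
}
static const char *name(decision d) { return d == PROCEED ? "proceed" : "delay"; }

int main(void) {
    smact t = { .n = 0 };
    warm_up(&t);
    printf("sandbox, array[3]: %s\n", name(smact_speculative(&t, SANDBOX, ARRAY_BASE + 3)));
    printf("sandbox, secret:   %s\n", name(smact_speculative(&t, SANDBOX, SECRET)));
    printf("host, secret:      %s\n", name(smact_speculative(&t, HOST, SECRET)));
    return 0;
}
```

In this model, the sandbox's speculative read of a location it never committed is held back while its previously committed locations proceed without delay, which is the common no-attack case the abstract refers to.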
Taxonomy
Topics: Security and Verification in Computing · Advanced Memory and Neural Computing · Cloud Data Security Solutions
