Shesha: Multi-head Microarchitectural Leakage Discovery in new-generation Intel Processors
Anirban Chakraborty, Nimish Mishra, Debdeep Mukhopadhyay

TL;DR
This paper introduces Shesha, a novel framework inspired by Particle Swarm Optimization, for automated discovery of microarchitectural transient execution paths in Intel processors, revealing new vulnerabilities and attack vectors.
Contribution
Shesha leverages the fragmentation of speculation search space to efficiently identify previously unknown transient execution paths in modern Intel CPUs.
Findings
Discovered five new transient execution paths in Intel ISA extensions.
Reverse engineered the root causes of these transient paths.
Demonstrated data leakage from cryptographic implementations using new attack vectors.
Abstract
Transient execution attacks have been among the most widely explored microarchitectural side channels since the discovery of Spectre and Meltdown. However, much of the research has been driven by manual discovery of new transient paths through well-known speculative events. Although a few attempts exist in the literature to automate transient leakage discovery, such tools focus on finding variants of known transient attacks and explore only a small subset of the instruction set. Further, they take a random fuzzing approach that does not scale as the complexity of the search space increases. In this work, we identify that the search space of bad speculation is fragmented into disjoint equivalence classes, and then use this observation to develop a framework named Shesha, inspired by Particle Swarm Optimization, which exhibits faster convergence rates than state-of-the-art fuzzing techniques for…
Taxonomy
Topics: Parallel Computing and Optimization Techniques · Embedded Systems Design Techniques · Semiconductor materials and devices
