Side-Channel Attacks & Transient Execution Vulnerabilities
Conference: RISC-V Summit
Location: San Jose, CA, USA
An unfortunate truth of modern hardware security is that secure ISA design is not sufficient to guarantee the security of the system. Microarchitectural techniques for violating confidentiality and integrity are on the rise, including a disturbing variety of software-induced hardware attacks. The basic idea of leaking secrets through side channels has been around for a long time, but the earliest forms of these attacks were regarded as too difficult to exploit, and so were often ignored by hardware designers and vendors. Side-channel attack techniques have continued to evolve over the decades to use different channels (such as, power analysis, EM analysis, fault analysis, and timing analysis), to be easier to exploit, and to leak more information more rapidly. A series of vulnerabilities related to transient (speculative) execution rose to attention in 2018, called Spectre and Meltdown. These vulnerabilities used side-channel attack techniques, but combined them in a more sophisticated way, and with a more severe security impact, than previously considered possible. 5 years on, it turns out that Meltdown-type attacks are relatively easy to prevent with a small but intelligent change to the microarchitecture design. Spectre-type attacks have proven more difficult to tackle, not because preventing them is impossible, but because the solutions that actually work have untenable performance penalties. New varieties of transient execution vulnerabilities continue to be discovered on a regular basis, and the industry has only barely scratched the surface of vulnerabilities that are possible using new side-channel attack techniques. Consideration of microarchitecural side channels has become a necessity in modern hardware design, and vendors are faced with tough choices in the trade-offs between security, performance, power, and die area. This tutorial captures essential knowledge that every hardware engineer should have about side-channel attacks and the transient execution vulnerabilities, as well as approaches to limit their impact for CPU and SoC designers, system integrators, and end users.