We look forward to seeing you in person or via zoom on Wednesday, May 31, at 10:00am. Join in person in 2405 Siebel Center for Computer Science, 201 N. Goodwin Ave or on zoom, https://illinois.zoom.us/j/84760457745?pwd=dmVJWlp5M0lHOXRockpLQVVXOG5aUT09, Meeting ID: 847 6045 7745, Password: 441538
Title: SafeBet: A Simple, Secure and Fast Solution for Spectre and Meltdown
Mithuna Thottethodi, Elmore Family School of Electrical and Computer Engineering, Purdue University
Abstract: Spectre and Meltdown attacks exploit microprocessor speculative execution to read and transmit forbidden data outside the attacker's trust domain and sandbox. Recent hardware schemes allow potentially-unsafe speculative accesses but prevent the secret's transmission by delaying all or many of the access-dependent instructions, even in the predominantly-common, no-attack case, which incurs performance loss and hardware complexity. Instead, we propose SafeBet which allows only, and in the common case does not delay most, safe accesses. We make the key observation that speculatively accessing a location is safe if the location has been accessed previously non-speculatively by the same trust domain (i.e., the location is within the domain's sandbox); and potentially unsafe, otherwise. We call the location as destination and the code memory region of the trust domain as the source. SafeBet employs the Speculative Memory Access Control Table (SMACT) to track non-speculative source address-destination address pairs. Disallowed accesses wait until reaching commit to trigger well-known replay without any intrusive
hardware changes. SafeBet prevents all variants of Spectre and Meltdown except Lazy-FP-restore, based on any current or future side channel while using only simple, table-based access control and cache miss replay with virtually no change to the pipeline. Software simulations show that SafeBet uses 8.3 KB per core for the tables to perform within 6% on average (63% at worst) of the unsafe baseline behind which NDA-restrictive, a previous scheme of security and
hardware complexity comparable to SafeBet's, lags by 83% on average.
This work has been done in collaboration with Prof. T. N. Vijaykumar and our graduate students Conor Green and Cole Nelson.
Bio: Mithuna Thottethodi is Professor of Elmore Family School of Electrical and Computer Engineering at Purdue University. His research interests include computer architecture, security, ML accelerators, datacenter-scale systems and interconnection networks.