Exorcising Spectres with Secure Compilers

IRIS

Attackers can access sensitive information of programs by exploiting the side-effects of speculatively-executed instructions using Spectre attacks. To mitigate these attacks, popular compilers deployed a wide range of countermeasures whose security, however, has not been ascertained: while some are believed to be secure, others are known to be insecure and result in vulnerable programs. This paper develops formal foundations for reasoning about the security of these defenses. For this, it proposes a framework of secure compilation criteria that characterise when compilers produce code resistant against Spectre v1 attacks. With this framework, this paper performs a comprehensive security analysis of countermeasures against Spectre v1 attacks implemented in major compilers, deriving the first security proofs of said countermeasures.

Exorcising Spectres with Secure Compilers / Patrignani, Marco; Guarnieri, Marco. - (2021), pp. 445-461. (Intervento presentato al convegno CCS tenutosi a Virtual Event, Republic of Korea nel 15 - 19 Novembre 2021) [10.1145/3460120.3484534].

Exorcising Spectres with Secure Compilers

Patrignani, Marco;Guarnieri, Marco

2021-01-01

Abstract

Attackers can access sensitive information of programs by exploiting the side-effects of speculatively-executed instructions using Spectre attacks. To mitigate these attacks, popular compilers deployed a wide range of countermeasures whose security, however, has not been ascertained: while some are believed to be secure, others are known to be insecure and result in vulnerable programs. This paper develops formal foundations for reasoning about the security of these defenses. For this, it proposes a framework of secure compilation criteria that characterise when compilers produce code resistant against Spectre v1 attacks. With this framework, this paper performs a comprehensive security analysis of countermeasures against Spectre v1 attacks implemented in major compilers, deriving the first security proofs of said countermeasures.

Scheda breve

Scheda completa

Scheda completa (DC)

	Anno di pubblicazione (Date of publication)
	
			2021
		
	Titolo del volume (Proceedings title)
	
			CCS '21: Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security
		
	Luogo di edizione (Place of publication)
	
			Virtual Event, Republic of Korea
		
	Casa editrice (Publisher)
	
			ACM
		
	ISBN
	
			978-1-4503-8454-4
		
	Codice Scopus (Scopus Identifier)
	
			2-s2.0-85119362632
		
	Codice WOS (WOS identifier)
	
			WOS:000768478300030
		
	Tutti gli autori
	
			Patrignani, Marco; Guarnieri, Marco
		
	Citazione
	
			Exorcising Spectres with Secure Compilers / Patrignani, Marco; Guarnieri, Marco. - (2021), pp. 445-461. (Intervento presentato al  convegno CCS tenutosi a Virtual Event, Republic of Korea nel 15 - 19 Novembre 2021) [10.1145/3460120.3484534].
		
	Appare nelle tipologie:
	
			04.1 Saggio in atti di convegno (Paper in Proceedings)

File in questo prodotto:

File	Dimensione	Formato
sc-ccs21.pdf accesso aperto Descrizione: first online Tipologia: Versione editoriale (Publisher’s layout) Licenza: Tutti i diritti riservati (All rights reserved) Dimensione 949.96 kB Formato Adobe PDF Visualizza/Apri	949.96 kB	Adobe PDF	Visualizza/Apri
3460120.3484534.pdf accesso aperto Tipologia: Versione editoriale (Publisher’s layout) Licenza: Tutti i diritti riservati (All rights reserved) Dimensione 1.49 MB Formato Adobe PDF Visualizza/Apri	1.49 MB	Adobe PDF	Visualizza/Apri

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11572/336395

Citazioni

ND

7

3

social impact