Attackers can access sensitive information of programs by exploiting the side-effects of speculatively-executed instructions using Spectre attacks. To mitigate these attacks, popular compilers deployed a wide range of countermeasures whose security, however, has not been ascertained: while some are believed to be secure, others are known to be insecure and result in vulnerable programs. This paper develops formal foundations for reasoning about the security of these defenses. For this, it proposes a framework of secure compilation criteria that characterise when compilers produce code resistant against Spectre v1 attacks. With this framework, this paper performs a comprehensive security analysis of countermeasures against Spectre v1 attacks implemented in major compilers, deriving the first security proofs of said countermeasures.

Exorcising Spectres with Secure Compilers / Patrignani, Marco; Guarnieri, Marco. - (2021), pp. 445-461. (Intervento presentato al convegno 27th ACM Annual Conference on Computer and Communication Security, CCS 2021 tenutosi a Virtual Event, Republic of Korea nel 15 - 19 Novembre 2021) [10.1145/3460120.3484534].

Exorcising Spectres with Secure Compilers

Patrignani, Marco;
2021-01-01

Abstract

Attackers can access sensitive information of programs by exploiting the side-effects of speculatively-executed instructions using Spectre attacks. To mitigate these attacks, popular compilers deployed a wide range of countermeasures whose security, however, has not been ascertained: while some are believed to be secure, others are known to be insecure and result in vulnerable programs. This paper develops formal foundations for reasoning about the security of these defenses. For this, it proposes a framework of secure compilation criteria that characterise when compilers produce code resistant against Spectre v1 attacks. With this framework, this paper performs a comprehensive security analysis of countermeasures against Spectre v1 attacks implemented in major compilers, deriving the first security proofs of said countermeasures.
2021
CCS '21: Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security
1601 Broadway, 10th Floor, NEW YORK, NY, UNITED STATES
ACM
978-1-4503-8454-4
Patrignani, Marco; Guarnieri, Marco
Exorcising Spectres with Secure Compilers / Patrignani, Marco; Guarnieri, Marco. - (2021), pp. 445-461. (Intervento presentato al convegno 27th ACM Annual Conference on Computer and Communication Security, CCS 2021 tenutosi a Virtual Event, Republic of Korea nel 15 - 19 Novembre 2021) [10.1145/3460120.3484534].
File in questo prodotto:
File Dimensione Formato  
sc-ccs21.pdf

accesso aperto

Descrizione: first online
Tipologia: Versione editoriale (Publisher’s layout)
Licenza: Tutti i diritti riservati (All rights reserved)
Dimensione 949.96 kB
Formato Adobe PDF
949.96 kB Adobe PDF Visualizza/Apri
3460120.3484534.pdf

accesso aperto

Tipologia: Versione editoriale (Publisher’s layout)
Licenza: Tutti i diritti riservati (All rights reserved)
Dimensione 1.49 MB
Formato Adobe PDF
1.49 MB Adobe PDF Visualizza/Apri

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11572/336395
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 12
  • ???jsp.display-item.citation.isi??? 4
social impact