ZombieLoad: Cross-privilege-boundary data sampling
In early 2018, Meltdown first showed how to read arbitrary kernel memory from user space
by exploiting side-effects from transient instructions. While this attack has been mitigated …
by exploiting side-effects from transient instructions. While this attack has been mitigated …
A systematic evaluation of transient execution attacks and defenses
Research on transient execution attacks including Spectre and Meltdown showed that
exception or branch misprediction events might leave secret-dependent traces in the CPU's …
exception or branch misprediction events might leave secret-dependent traces in the CPU's …
Survey of transient execution attacks and their mitigations
Transient execution attacks, also known as speculative execution attacks, have drawn much
interest in the last few years as they can cause critical data leakage. Since the first …
interest in the last few years as they can cause critical data leakage. Since the first …
Timing Side-Channel Attacks and Countermeasures in CPU Microarchitectures
Microarchitectural vulnerabilities, such as Meltdown and Spectre, exploit subtle
microarchitecture state to steal the user's secret data and even compromise the operating …
microarchitecture state to steal the user's secret data and even compromise the operating …
{RETBLEED}: Arbitrary speculative code execution with return instructions
Modern operating systems rely on software defenses against hardware attacks. These
defenses are, however, as good as the assumptions they make on the underlying hardware …
defenses are, however, as good as the assumptions they make on the underlying hardware …
Constant-time foundations for the new spectre era
S Cauligi, C Disselkoen, K Gleissenthall… - Proceedings of the 41st …, 2020 - dl.acm.org
The constant-time discipline is a software-based countermeasure used for protecting high
assurance cryptographic implementations against timing side-channel attacks. Constant …
assurance cryptographic implementations against timing side-channel attacks. Constant …
Spechammer: Combining spectre and rowhammer for new speculative attacks
The recent Spectre attacks have revealed how the performance gains from branch
prediction come at the cost of weakened security. Spectre Variant 1 (v1) shows how an …
prediction come at the cost of weakened security. Spectre Variant 1 (v1) shows how an …
{DOLMA}: Securing speculation with the principle of transient {Non-Observability}
Modern processors allow attackers to leak data during transient (ie, mis-speculated)
execution through microarchitectural covert timing channels. While initial defenses were …
execution through microarchitectural covert timing channels. While initial defenses were …
Hardware-software contracts for secure speculation
Since the discovery of Spectre, a large number of hardware mechanisms for secure
speculation has been proposed. Intuitively, more defensive mechanisms are less efficient …
speculation has been proposed. Intuitively, more defensive mechanisms are less efficient …
“They're not that hard to mitigate”: What cryptographic library developers think about timing attacks
Timing attacks are among the most devastating side-channel attacks, allowing remote
attackers to retrieve secret material, including cryptographic keys, with relative ease. In …
attackers to retrieve secret material, including cryptographic keys, with relative ease. In …