The recent Spectre attack first showed how to inject incorrect branch targets into a victim
domain by poisoning microarchitectural branch prediction history. In this paper, we …

Transient execution attacks, also known as speculative execution attacks, have drawn much
interest in the last few years as they can cause critical data leakage. Since the first …

Speculation-based attacks affect hundreds of millions of computers. These attacks typically
exploit caches to leak information, using speculative instructions to cause changes to the …

Modern processors allow attackers to leak data during transient (ie, mis-speculated)
execution through microarchitectural covert timing channels. While initial defenses were …

Since the discovery of Spectre, a large number of hardware mechanisms for secure
speculation has been proposed. Intuitively, more defensive mechanisms are less efficient …

Modern operating systems fundamentally rely on the strict isolation of user applications from
the kernel. This isolation is enforced by the hardware. On Intel CPUs, this isolation has been …

We describe Swivel, a new compiler framework for hardening WebAssembly (Wasm)
against Spectre attacks. Outside the browser, Wasm has become a popular lightweight, in …

We introduce Blade, a new approach to automatically and efficiently eliminate speculative
leaks from cryptographic code. Blade is built on the insight that to stop leaks via speculative …

Spectre attacks and their many subsequent variants are a new vulnerability class affecting
modern CPUs. The attacks rely on the ability to misguide speculative execution, generally by …

Spectre vulnerabilities violate our fundamental assumptions about architectural abstractions,
allowing attackers to steal sensitive data despite previously state-of-the-art …