Speculative Privacy Tracking (SPT): Leaking Information From Speculative Execution Without Compromising Privacy
Rutvik Choudhary, Jiyong Yu, Christopher W. Fletcher, Adam Morrison
Abstract
Speculative execution attacks put a dangerous new twist on information leakage through microarchitectural side channels. Ordinarily, programmers can reason about leakage based on the program’s semantics, and prevent said leakage by carefully writing the program to not pass secrets to covert channel-creating “transmitter” instructions, such as branches and loads. Speculative execution breaks this defense, because a transmitter might mis-speculatively execute with a secret operand even if it can never execute with said operand in valid executions.
Topics & Concepts
Computer scienceOperandInformation leakageComputer securityCovert channelLeakage (economics)Side channel attackCovertSpeculative executionDebuggingCryptographyOperating systemCloud computingEconomicsPhilosophyCloud computing securityLinguisticsSecurity information and event managementMacroeconomicsSecurity and Verification in ComputingAdvanced Malware Detection TechniquesPhysical Unclonable Functions (PUFs) and Hardware Security