Visible to the public SpectreGuard: An Efficient Data-Centric Defense Mechanism against Spectre AttacksConflict Detection Enabled

TitleSpectreGuard: An Efficient Data-Centric Defense Mechanism against Spectre Attacks
Publication TypeConference Paper
Year of Publication2019
AuthorsFustos, Jacob, Farshchi, Farzad, Yun, Heechul
Conference NameProceedings of the 56th Annual Design Automation Conference 2019
PublisherAssociation for Computing Machinery
Conference LocationLas Vegas, NV, USA
ISBN Number9781450367257
KeywordsKU, Micro-architecture, Side-channel attack, Side-Channel Attack Resistance, Spectre

Speculative execution is an essential performance enhancing technique in modern processors, but it has been shown to be insecure. In this paper, we propose SpectreGuard, a novel defense mechanism against Spectre attacks. In our approach, sensitive memory blocks (e.g., secret keys) are marked using simple OS/library API, which are then selectively protected by hardware from Spectre attacks via low-cost micro-architecture extension. This technique allows microprocessors to maintain high performance, while restoring the control to software developers to make security and performance trade-offs.

Citation Key10.1145/3316781.3317914