A team of computer science researchers has discovered a line of attack that bypasses all Spectre defenses, which means that billions of computers and other devices around the world are just as vulnerable today as they were when Spectre was first revealed. In 2018, industry and academic researchers revealed a potentially disastrous hardware flaw that exposed computers and other devices around the world to attack.
The flaw was named Spectre by researchers because it was built into modern computer processors, which get their speed from a technique known as “speculative execution,” in which the processor predicts which instructions it will execute and prepares by following the predicted path to pull the instructions from memory. A Spectre attack deceives the processor into executing instructions in the incorrect order. Even if the processor recovers and completes its task correctly, hackers can access confidential data while the processor is on the wrong path.
Since the discovery of Spectre, the world’s most talented computer scientists from industry and academia have been working on software patches and hardware defenses, confident that they will be able to protect the most vulnerable points in the speculative execution process without significantly slowing down computing speeds. They will have to start all over again.
A team of computer science researchers from the University of Virginia School of Engineering has discovered a line of attack that bypasses all Spectre defenses, implying that billions of computers and other devices around the world are just as vulnerable today as they were when Spectre was first announced. In April, the team informed international chip makers of its discovery, and in June, it will present the new challenge at a global computing architecture conference.
Intel’s proposed Spectre defense, known as LFENCE, places sensitive code in a waiting area until the security checks are completed, and only then is the sensitive code allowed to execute. However, it turns out that the walls of this waiting area have ears, which our attack takes advantage of. We demonstrate how an attacker can use the micro-op cache as a covert channel to smuggle secrets.Ashish Venkat
The researchers, led by Ashish Venkat, William Wulf Career Enhancement Assistant Professor of Computer Science at UVA Engineering, discovered a completely new way for hackers to exploit a “micro-op cache,” which speeds up computing by storing simple commands and allowing the processor to retrieve them quickly and early in the speculative execution process. Micro-op caches have been included in Intel computers since 2011. Venkat’s team discovered that when a processor retrieves commands from the micro-op cache, hackers can steal data.
“Consider a hypothetical airport security scenario in which the TSA allows you to enter without checking your boarding pass because (1) it is fast and efficient, and (2) you will be checked for your boarding pass at the gate anyway,” Venkat said. “A computer processor performs a similar function. It anticipates that the check will pass and that instructions will be allowed into the pipeline. If the prediction is incorrect, it will eventually throw those instructions out of the pipeline, but this may be too late because those instructions may have left side-effects while waiting in the pipeline that an attacker can later exploit to infer secrets such as a password.”
All current Spectre defenses are ineffective in the face of Venkat’s team’s new attacks because they protect the processor at a later stage of speculative execution. The team discovered two variants of the attacks that can steal speculatively accessed information from Intel and AMD processors.
“Intel’s proposed Spectre defense, known as LFENCE, places sensitive code in a waiting area until the security checks are completed, and only then is the sensitive code allowed to execute,” Venkat explained. “However, it turns out that the walls of this waiting area have ears, which our attack takes advantage of. We demonstrate how an attacker can use the micro-op cache as a covert channel to smuggle secrets.”
Three of Venkat’s computer science graduate students are on his team: Ph.D. student Xida Ren, Ph.D. student Logan Moody, and master’s degree recipient, Matthew Jordan. To reverse-engineer certain undocumented features in Intel and AMD processors, the UVA team collaborated with Dean Tullsen, professor of the Department of Computer Science and Engineering at the University of California, San Diego, and his Ph.D. student Mohammadkazem Taram.
The findings are detailed in their paper, “I See Deadμops: Leaking Secrets via Intel/AMD Micro-Op Caches.” This newly discovered vulnerability will be much more difficult to fix, according to Moody. “In the case of previous Spectre attacks, developers came up with a relatively easy way to prevent any sort of attack without a significant performance penalty” for computing. “The difference with this attack is that you suffer a much higher performance penalty than you did with the previous attacks.”
“Patches that disable the micro-op cache or halt speculative execution on legacy hardware would effectively roll back critical performance innovations in most modern Intel and AMD processors, which is simply not feasible,” Ren, the lead student author, explained.
“It’s really unclear how to solve this problem in a way that provides high performance to legacy hardware,” Venkat said. “Securing the micro-op cache is an intriguing line of research that we are looking into.”
Venkat’s team informed Intel and AMD’s product security teams about the vulnerability. Ren and Moody gave a technical talk at Intel Labs around the world on April 27 to discuss the impact and potential solutions. Venkat anticipates that computer scientists in academia and industry will collaborate quickly to find solutions, as they did with Spectre.
The paper submitted by the team was accepted by the highly competitive International Symposium on Computer Architecture, or ISCA. The annual ISCA conference, which will be held virtually in June, is the leading forum for new ideas and research results in computer architecture.
Through the National Science Foundation/Intel Partnership on Foundational Microarchitecture Research Program, Venkat is also working closely with the Processor Architecture Team at Intel Labs on other microarchitectural innovations.
Venkat was well-prepared to lead the UVA research team into this breakthrough. He has a long-standing relationship with Intel, which began in 2012 while he was a computer science graduate student at the University of California, San Diego. This study, like others led by Venkat, is supported by the National Science Foundation and the Defense Advanced Research Projects Agency.
Venkat is also one of the university researchers who co-authored a paper with UC San Diego collaborators Mohammadkazem Taram and Tullsen that introduces a more targeted microcode-based defense against Spectre. Context-sensitive fencing allows the processor to patch running code with speculation fences on the fly.
“Context-Sensitive Fencing: Securing Speculative Execution via Microcode Customization,” one of only a few more targeted microcode-based defenses developed to stop Spectre, was published in April 2019 at the ACM International Conference on Architectural Support for Programming Languages and Operating Systems. The paper was also chosen as the best among all computer architecture, computer security, and VLSI design conference papers published between 2014 and 2019.
Venkat’s team discovered new Spectre variants that even break the context-sensitive fencing mechanism outlined in Venkat’s award-winning paper. However, in this type of study, breaching your own defense is just another big win. Each security improvement enables researchers to delve deeper into the hardware and discover more flaws, which is exactly what Venkat’s research team did.