Description
Microarchitectural optimizations, such as caches and speculative out-of-order execution, are essential for achieving high performance. However, these same mechanisms also open the door to attacks that can undermine software-enforced security policies. The current gold standard for defending against such attacks is the constant-time programming discipline, which prohibits secret-dependent control flow and memory accesses. While constant-time programming is widely used to secure cryptographic implementations against microarchitectural attacks, it has critical limitations. From a security perspective, it depends on assumptions about the underlying hardware and fails to provide protection against certain classes of attacks, such as Spectre. From a performance perspective, it incurs additional overheads, for example due to control-flow linearization. In this presentation, I will introduce recent hardware-software co-design approaches that mitigate the shortcomings of constant-time programming, moving toward more efficient and robust defenses. I will also discuss some remaining challenges to achieve provable, end-to-end security guarantees.
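The abstract refers to two rules of the constant-time discipline (no secret-dependent control flow, no secret-dependent memory accesses) and to the overhead of control-flow linearization. The following C program is an added illustration, not code from the talk or its speaker: it places a leaky byte comparison and a leaky table lookup beside their constant-time rewrites, and counts loop iterations as a stand-in for the timing an observer would measure. The secret, the guesses and the four-entry table are constructed sample values.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Instrumentation only: iterations performed by the last comparison,
 * standing in for the execution time an attacker would measure. */
size_t last_steps = 0;

/* Constructed sample data (not from the page): an 8-byte secret and guesses
 * sharing a 0-, 5- and 8-byte prefix with it, plus a tiny lookup table. */
static const uint8_t SECRET[8]     = { 0x2a, 0x7f, 0x11, 0xc3, 0x9e, 0x05, 0x60, 0xb4 };
static const uint8_t GUESS_NONE[8] = { 0x00, 0x7f, 0x11, 0xc3, 0x9e, 0x05, 0x60, 0xb4 };
static const uint8_t GUESS_FIVE[8] = { 0x2a, 0x7f, 0x11, 0xc3, 0x9e, 0xff, 0x60, 0xb4 };
static const uint8_t GUESS_ALL[8]  = { 0x2a, 0x7f, 0x11, 0xc3, 0x9e, 0x05, 0x60, 0xb4 };
static const uint32_t SBOX[4]      = { 0x63, 0x7c, 0x77, 0x7b };

/* 1 if x != 0, else 0, using only data-independent operations. */
static uint32_t ct_is_nonzero(uint32_t x)
{
    return (x | (0u - x)) >> 31;
}

/* Control-flow linearization: `cond ? a : b` rewritten so both operands are
 * evaluated and the choice is made by masking rather than by a branch. */
uint32_t ct_select(uint32_t cond, uint32_t a, uint32_t b)
{
    uint32_t mask = 0u - (cond & 1u);   /* all ones if cond, else zero */
    return (a & mask) | (b & ~mask);
}

/* Non-constant-time equality: returns at the first mismatch, so the
 * iteration count reveals how long the matching prefix is. */
int leaky_equal(const uint8_t *secret, const uint8_t *guess, size_t n)
{
    last_steps = 0;
    for (size_t i = 0; i < n; i++) {
        last_steps++;
        if (secret[i] != guess[i])      /* secret-dependent branch */
            return 0;
    }
    return 1;
}

/* Constant-time equality: always walks all n bytes, folds the mismatches
 * into an accumulator and derives the result without branching on it. */
int ct_equal(const uint8_t *secret, const uint8_t *guess, size_t n)
{
    uint32_t acc = 0;
    last_steps = 0;
    for (size_t i = 0; i < n; i++) {
        last_steps++;
        acc |= (uint32_t)(secret[i] ^ guess[i]);
    }
    return (int)(1u - ct_is_nonzero(acc));
}

/* Secret-indexed load: no branch, but the address touched depends on
 * secret_idx, which a cache side channel can observe. */
uint32_t leaky_lookup(const uint32_t *table, size_t len, size_t secret_idx)
{
    (void)len;
    return table[secret_idx];
}

/* Constant-time lookup: reads every entry and keeps the wanted one through
 * ct_select, so the access pattern is independent of secret_idx. The cost
 * is len loads instead of one, the kind of overhead the abstract mentions. */
uint32_t ct_lookup(const uint32_t *table, size_t len, size_t secret_idx)
{
    uint32_t result = 0;
    for (size_t i = 0; i < len; i++) {
        uint32_t hit = 1u - ct_is_nonzero((uint32_t)(i ^ secret_idx));
        result = ct_select(hit, table[i], result);
    }
    return result;
}

int main(void)
{
    const uint8_t *guesses[3] = { GUESS_NONE, GUESS_FIVE, GUESS_ALL };
    for (int g = 0; g < 3; g++) {
        int r1 = leaky_equal(SECRET, guesses[g], 8);
        size_t s1 = last_steps;
        int r2 = ct_equal(SECRET, guesses[g], 8);
        printf("guess %d: leaky=%d after %zu steps, ct=%d after %zu steps\n",
               g, r1, s1, r2, last_steps);
    }
    printf("lookup[2]: leaky=%#x ct=%#x\n",
           leaky_lookup(SBOX, 4, 2), ct_lookup(SBOX, 4, 2));
    return 0;
}
```

The leaky comparison stops after 1, 6 or 8 iterations depending on the guess, while the constant-time one always takes 8; the constant-time lookup touches all four entries where the leaky one touches one. Note that the discipline is enforced at source level only: a compiler may turn the masking back into a branch, and, as the abstract points out, the hardware may still leak through speculation, so the emitted machine code and the target microarchitecture both have to be checked before the rewrite can be trusted.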
Upcoming talks
- The Design and Implementation of a Virtual Firmware Monitor
Speaker: Charly Castes - EPFL
Low-level software is often granted high privilege, yet this need not be the case. Although vendor firmware plays a critical role in the operation and management of the machine, most of its functionality does not require unfettered access to security critical software and data. In this paper we demonstrate that vendor firmware can be safely and efficiently deprivileged, decoupling its[…]
- SoSysec
- Compartmentalization
- Operating system and virtualization