Do You Even Lift? Strengthening Compiler Security Guarantees Against Spectre Attacks
arxiv(2024)
摘要
Mainstream compilers implement different countermeasures to prevent specific
classes of speculative execution attacks. Unfortunately, these countermeasures
either lack formal guarantees or come with proofs restricted to speculative
semantics capturing only a subset of the speculation mechanisms supported by
modern CPUs, thereby limiting their practical applicability. Ideally, these
security proofs should target a speculative semantics capturing the effects of
all speculation mechanisms implemented in modern CPUs. However, this is
impractical and requires new secure compilation proofs to support additional
speculation mechanisms. In this paper, we address this problem by proposing a
novel secure compilation framework that allows lifting the security guarantees
provided by Spectre countermeasures from weaker speculative semantics (ignoring
some speculation mechanisms) to stronger ones (accounting for the omitted
mechanisms) without requiring new secure compilation proofs. Using our lifting
framework, we performed the most comprehensive security analysis of Spectre
countermeasures implemented in mainstream compilers to date. Our analysis spans
9 different countermeasures against 5 classes of Spectre attacks, which we
proved secure against a speculative semantics accounting for five different
speculation mechanisms.
更多查看译文
AI 理解论文
溯源树
样例
![](https://originalfileserver.aminer.cn/sys/aminer/pubs/mrt_preview.jpeg)
生成溯源树,研究论文发展脉络
Chat Paper
正在生成论文摘要