QUICK REVIEW

[Paper summary] MeltdownPrime and SpectrePrime: Automatically-Synthesized Attacks Exploiting Invalidation-Based Coherence Protocols

Caroline Trippel, Daniel Lustig|arXiv (Cornell University)|Feb 11, 2018
Security and Verification in Computing | References: 7 | Cited by: 57
One-sentence summary

This paper presents an automated tool that synthesizes microarchitecture-specific programs to create security litmus tests, revealing MeltdownPrime and SpectrePrime, Prime+Probe variants that exploit cache-line invalidations in coherence protocols; a proof of concept on real hardware shows accuracy nearly identical to that of the original Meltdown/Spectre.

ABSTRACT

The recent Meltdown and Spectre attacks highlight the importance of automated verification techniques for identifying hardware security vulnerabilities. We have developed a tool for synthesizing microarchitecture-specific programs capable of producing any user-specified hardware execution pattern of interest. Our tool takes two inputs: a formal description of (i) a microarchitecture in a domain-specific language, and (ii) a microarchitectural execution pattern of interest, e.g. a threat pattern. All programs synthesized by our tool are capable of producing the specified execution pattern on the supplied microarchitecture. We used our tool to specify a hardware execution pattern common to Flush+Reload attacks and automatically synthesized security litmus tests representative of those that have been publicly disclosed for conducting Meltdown and Spectre attacks. We also formulated a Prime+Probe threat pattern, enabling our tool to synthesize a new variant of each---MeltdownPrime and SpectrePrime. Both of these new exploits use Prime+Probe approaches to conduct the timing attack. They are both also novel in that they are 2-core attacks which leverage the cache line invalidation mechanism in modern cache coherence protocols. These are the first proposed Prime+Probe variants of Meltdown and Spectre. But more importantly, both Prime attacks exploit invalidation-based coherence protocols to achieve the same level of precision as a Flush+Reload attack. While mitigation techniques in software (e.g., barriers that prevent speculation) will likely be the same for our Prime variants as for original Spectre and Meltdown, we believe that hardware protection against them will be distinct. As a proof of concept, we implemented SpectrePrime as a C program and ran it on an Intel x86 processor, averaging about the same accuracy as Spectre over 100 runs---97.9% for Spectre and 99.95% for SpectrePrime.

Motivation and goals

  • Motivate automated verification of hardware security vulnerabilities that arise from microarchitectural optimizations.
  • Introduce a tool that synthesizes implementation-aware assembly programs from a microarchitecture description and a threat pattern.
  • Show that security litmus tests can be synthesized for Meltdown/Spectre-like attacks and that Prime+Probe variants can be derived from them.
  • Demonstrate the two-core MeltdownPrime/SpectrePrime attacks, which exploit invalidation-based cache coherence protocols.

Proposed method

  • Use a domain-specific language that describes the microarchitecture (μspec) and the threat pattern to encode the desired execution pattern.
  • Apply relational model finding (Alloy/Kodkod) to synthesize program graphs that represent security exploits.
  • Model microarchitectural events with the Value in Cache Lifetime (ViCL) abstraction to capture cache-occupancy dynamics.
  • Extend the Check modeling framework to include attacker/victim processes, private/shared address spaces, speculation, and coherence messages.
  • Synthesize two-core Prime+Probe variants (MeltdownPrime/SpectrePrime) that exploit invalidations in the coherence protocol.
  • Validate by implementing SpectrePrime on Intel x86 hardware and comparing its accuracy with that of the original Spectre.

Experimental results

Research questions

  • RQ1: Can automated synthesis produce security exploits on a given microarchitecture that match a user-defined threat pattern?
  • RQ2: Can Prime+Probe variants that exploit invalidation-based cache coherence protocols achieve precision comparable to Flush+Reload attacks?
  • RQ3: Can security litmus tests abstractly represent Meltdown/Spectre exploits and be extended into full attacks?
  • RQ4: Compared with software-level defenses, which hardware mitigations are effective against these Prime variants?

Key findings

  • Automated synthesis can generate security litmus tests for Meltdown/Spectre-like patterns.
  • MeltdownPrime and SpectrePrime are two-core attacks that exploit cache coherence invalidations to achieve high-precision timing-based leakage.
  • SpectrePrime reached an average accuracy of 99.95% over 100 runs on a 2.4 GHz Intel Core i7, comparable to Spectre's 97.9% on the same hardware.
  • SpectrePrime on MacBook hardware demonstrates the feasibility of Prime+Probe attacks based on coherence invalidations.
  • Mitigations such as mfence/lfence fencing mitigated both Spectre and SpectrePrime in the experiments, suggesting that software defenses may suffice for the Prime variants while hardware-specific mitigations may differ.
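As an added illustration of the last finding (example code written for this summary, not code from the paper or its authors): the software mitigation the paper reports as effective, a serializing fence placed between a bounds check and the memory access that depends on it, shown in C beside the unfenced form. The table contents are constructed sample data, and the fence wrapper assumes an x86 target with GCC/Clang inline assembly; on other targets it degrades to a plain compiler barrier so the file still builds.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed sample data for the example (not from the paper). */
#define TABLE_LEN 16
static const uint8_t table[TABLE_LEN] = {
    10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25 };

/* Speculation barrier. On x86, lfence does not issue younger instructions
 * until all older ones have completed, so a load placed after it cannot run
 * transiently ahead of the branch that guards it. Assumption: the reader is
 * on x86 with GCC/Clang; elsewhere this is only a compiler barrier. */
static inline void speculation_barrier(void) {
#if defined(__x86_64__) || defined(__i386__)
    __asm__ __volatile__("lfence" ::: "memory");
#else
    __asm__ __volatile__("" ::: "memory");
#endif
}

/* Unfenced bounds-checked read. Architecturally correct, but while the
 * comparison is unresolved the core may speculatively perform the load for
 * an out-of-range idx. That transient access is what a cache-timing channel
 * observes, whether via Flush+Reload or via the coherence-invalidation
 * Prime+Probe that the paper calls SpectrePrime. */
int read_unfenced(size_t idx) {
    if (idx < TABLE_LEN)
        return table[idx];
    return -1;
}

/* Fenced read. The barrier sits between the check and the dependent load,
 * so the load is not issued until the bounds check has resolved. The paper
 * reports this mitigation as effective for both Spectre and SpectrePrime:
 * it removes the transient access itself rather than one particular
 * channel for observing it. */
int read_fenced(size_t idx) {
    if (idx < TABLE_LEN) {
        speculation_barrier();
        return table[idx];
    }
    return -1;
}

int main(void) {
    /* Both versions agree architecturally; only the fenced one also
     * prevents the transient out-of-range load. */
    printf("in range:  unfenced=%d fenced=%d\n", read_unfenced(3), read_fenced(3));
    printf("out of range: unfenced=%d fenced=%d\n", read_unfenced(1000), read_fenced(1000));
    return 0;
}
```

Both functions return the same values at the architectural level, which is why testing alone cannot tell them apart; the fence changes only what the core may do transiently. That is the point the finding makes: because the fence suppresses the transient access rather than a specific cache side channel, the same software mitigation covers the Flush+Reload and Prime+Probe variants alike, whereas hardware-level defenses that target the channel would have to account for coherence invalidations separately.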

This summary was generated by AI and reviewed by a human editor.