We propose ProSpeCT, a generic formal processor model providing provably secure speculation for the constant-time policy. For constant-time programs under a non-speculative semantics, ProSpeCT guarantees that speculative and out-of-order execution cause no microarchitectural leaks. This guarantee is achieved by tracking secrets in the processor pipeline and ensuring that they do not influence the microarchitectural state during speculative execution. Our formalization covers a broad class of speculation mechanisms, generalizing prior work. As a result, our security proof covers all known Spectre attacks, including load value injection (LVI) attacks. In addition to the formal model, we provide a prototype hardware implementation of ProSpeCT on a RISC-V processor and show evidence of its low impact on hardware cost, performance, and required software changes. In particular, the experimental evaluation confirms our expectation that for a compliant constant-time binary, enabling ProSpeCT incurs no performance overhead.
翻译:我们提出ProSpeCT, 这是一种通用的正式处理模型,为恒定时间政策提供可靠可靠的投机。对于在非投机性语义学下的持续时间方案,ProSpeCT保证投机性和非秩序性执行不会造成微结构外泄漏。这一保证是通过追踪处理器管道中的秘密和确保在投机性执行期间它们不会影响微结构构造状态来实现的。我们的正规化涵盖一系列广泛的投机机制,概括以往的工作。因此,我们的安全证据涵盖所有已知的光谱攻击,包括负载值注射(LVI)攻击。除了正式模型外,我们还在RISC-V处理器上提供原型的PRSpeCT硬件执行,并展示其对硬件成本、性能和所需软件变化影响不大的证据。特别是,实验性评估证实了我们对于符合常时的二进制机制的期望,使ProSpeCT不产生任何性能间接费用。
相关内容
微信扫码咨询专知VIP会员