Last week, researchers at the University of Virginia showed that Intel and AMD chips are exposed to a new Spectre-style attack. Though Spectre has been in the news since 2018, the latest research has put Intel and AMD on the back foot, with both companies swiftly releasing statements to quash any concerns.
Spectre lets attackers extract sensitive information from data that the processor has cached or speculatively loaded and then discarded.
To maximise performance, modern processors use techniques such as branch prediction and speculative execution. Think of speculative execution as a tour guide. For instance, if the destination of a branch depends on a memory value that is still being read or written, the CPU will typically guess the destination and execute down that path. These virtual guides can be wrong, and the wrong routes are discarded. When the memory value finally arrives, the CPU either discards or commits the speculative work. According to Kocher et al., speculative logic is unfaithful in how it executes, can access the victim’s memory and registers, and can perform operations with measurable side effects.
But there is a catch. The discarded routes of speculative execution do not change a program’s visible results, but they do leave traces in the processor’s lowest-level (microarchitectural) state. Exploiting speculative execution in this way is what a Spectre attack does. Speculative execution can load unwanted data into the cache, whose role is to cut the time the processor needs to fetch data. Along with the cached data, the branch predictor (think: virtual guide) can be probed for its behaviour, which attackers can in turn exploit to leak sensitive information. According to experts, Spectre-style attacks induce a targeted processor to speculatively perform operations that would not occur during correct program execution and leak the victim’s confidential information to the adversary via a side channel.
“Speculative execution enables the processor to execute past a branch without any prior knowledge of whether a certain value will be discarded or committed.”
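The paragraph above describes a bounds check that the processor races past while the controlling value is still in flight. The following C is an added example, not code from the article or from the University of Virginia paper, showing the shape of such a check beside the branch-free index clamp that Intel's and the Linux kernel's guidance recommend (the clamp mirrors the kernel's array_index_nospec() arithmetic). The arrays, the 64-byte line size and the function names are constructed for illustration; the architectural results of both lookups are identical, and the difference lies only in what a mispredicted branch can touch.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define ARRAY1_SIZE 16
#define LINE 64   /* assumed cache-line size in bytes (constructed) */

/* Constructed sample data, not taken from the paper. */
static const uint8_t array1[ARRAY1_SIZE] = {
    3, 14, 15, 92, 65, 35, 89, 79, 32, 38, 46, 26, 43, 38, 32, 79 };
static uint8_t array2[256 * LINE];

/* Fill the probe array so that array2[k * LINE] == k. That lets a test
 * check which line a lookup touched without measuring any timing. */
void init_probe_array(void) {
    for (size_t i = 0; i < sizeof array2; i++)
        array2[i] = (uint8_t)(i / LINE);
}

/* Speculation-unsafe pattern (the Variant 1 shape from Kocher et al.):
 * the bounds check is correct architecturally, but while x < ARRAY1_SIZE
 * is unresolved a mispredicted branch can run the two dependent loads with
 * an out-of-range x, pulling a cache line selected by array1[x] into cache. */
uint8_t lookup_unsafe(size_t x) {
    if (x < ARRAY1_SIZE)
        return array2[array1[x] * LINE];
    return 0;
}

/* Branch-free clamp: returns idx when idx < size and 0 otherwise, using
 * only unsigned arithmetic, so no branch exists for the predictor to guess.
 * Assumption: size < SIZE_MAX / 2 so the top-bit test below is valid.
 * (size - 1 - idx) wraps to a value with the top bit set exactly when
 * idx >= size; OR-ing with idx also catches idx values with the top bit set. */
size_t index_nospec(size_t idx, size_t size) {
    size_t top  = (idx | (size - 1 - idx)) >> (sizeof(size_t) * 8 - 1);
    size_t mask = (size_t)0 - (top ^ 1);   /* all ones if in range, else 0 */
    return idx & mask;
}

/* Hardened form: same architectural result, but the index the loads use is
 * clamped independently of the branch outcome. In production code the
 * compiler must also be stopped from folding the clamp back into the
 * branch (the kernel uses an asm barrier for that); this plain C shows the
 * arithmetic only. */
uint8_t lookup_hardened(size_t x) {
    if (x < ARRAY1_SIZE) {
        size_t safe = index_nospec(x, ARRAY1_SIZE);
        return array2[array1[safe] * LINE];
    }
    return 0;
}

int main(void) {
    init_probe_array();
    printf("in-range  unsafe=%u hardened=%u\n", lookup_unsafe(3), lookup_hardened(3));
    printf("clamp(16,16)=%zu clamp(5,16)=%zu\n", index_nospec(16, 16), index_nospec(5, 16));
    return 0;
}
```

Index clamping is one of the two options Intel's guidance offers for this pattern; the other is a serialising fence (lfence) after the check, which stops speculation outright at the cost of the performance benefit the article describes.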
In their paper, the researchers describe three types of attacks that break several existing invisible-speculation and fencing-based solutions that mitigate Spectre. In their experiments, the University of Virginia team exploited the micro-op cache. Intel, AMD and ARM processors translate complex instructions into simpler internal micro-ops, which are then cached in a dedicated on-chip structure called the micro-op cache. The work presents an in-depth characterisation study of the micro-op cache, reverse-engineering many undocumented features, and goes on to describe attacks that exploit the micro-op cache as a timing channel to transmit secret information.
However, Intel dismissed such claims, saying its software already has protections against incidental channels, including the micro-op cache incidental channel, and that no new mitigations or guidance are needed. Intel told the researchers: “existing mitigations were not being bypassed and that this scenario is addressed in our secure coding guidance.”
In an interview with Ars Technica, Ashish Venkat, one of the paper’s co-authors, explained that constant-time programming is considered effective against side-channel attacks. Since these vulnerabilities reside in the CPU itself, Venkat recommends a microcode patch.
One of the authors warned that vulnerabilities in modern-day software still exist largely because constant-time programming is so rarely used. Constant-time programming carries a high performance overhead and requires significant deployment changes, which makes it hard for programmers to adopt.
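To make the constant-time point concrete, here is an added C example (mine, not from the article or the paper) that puts a typical early-exit comparison beside a constant-time one. Instead of measuring time, each function reports how many bytes it examined, which is exactly the quantity a timing side channel would recover. The eight-byte tag and the two guesses are constructed sample inputs; the function names are my own.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed sample inputs: a secret 8-byte tag and two wrong guesses. */
static const uint8_t secret_tag[8]             = { 0x1f, 0x8b, 0x08, 0x00, 0x9c, 0x44, 0x2e, 0x61 };
static const uint8_t guess_first_byte_wrong[8] = { 0xff, 0x8b, 0x08, 0x00, 0x9c, 0x44, 0x2e, 0x61 };
static const uint8_t guess_last_byte_wrong[8]  = { 0x1f, 0x8b, 0x08, 0x00, 0x9c, 0x44, 0x2e, 0xff };

/* Variable-time comparison of the kind that leaks: it stops at the first
 * differing byte, so its running time (here, *steps) reveals how long the
 * matching prefix is. Returns 0 when equal, 1 otherwise. */
int compare_early_exit(const uint8_t *a, const uint8_t *b, size_t n, size_t *steps) {
    for (size_t i = 0; i < n; i++) {
        if (a[i] != b[i]) {
            if (steps) *steps = i + 1;
            return 1;
        }
    }
    if (steps) *steps = n;
    return 0;
}

/* Constant-time comparison: every byte is visited and the differences are
 * OR-ed together, so the work done and the branch pattern do not depend on
 * where (or whether) the inputs differ. Returns 0 when equal, 1 otherwise. */
int compare_constant_time(const uint8_t *a, const uint8_t *b, size_t n, size_t *steps) {
    uint8_t diff = 0;
    for (size_t i = 0; i < n; i++)
        diff |= (uint8_t)(a[i] ^ b[i]);
    if (steps) *steps = n;
    /* Collapse diff to 0 or 1 without a data-dependent branch: for any
     * nonzero 8-bit value, diff | -diff has its top bit set. */
    return (int)(((unsigned)diff | (unsigned)(uint8_t)(0u - diff)) >> 7);
}

/* Convenience wrappers that expose only the number of bytes examined. */
size_t steps_early_exit(const uint8_t *a, const uint8_t *b, size_t n) {
    size_t s = 0;
    compare_early_exit(a, b, n, &s);
    return s;
}

size_t steps_constant_time(const uint8_t *a, const uint8_t *b, size_t n) {
    size_t s = 0;
    compare_constant_time(a, b, n, &s);
    return s;
}

int main(void) {
    printf("early-exit: first byte wrong -> %zu steps, last byte wrong -> %zu steps\n",
           steps_early_exit(secret_tag, guess_first_byte_wrong, 8),
           steps_early_exit(secret_tag, guess_last_byte_wrong, 8));
    printf("constant-time: first byte wrong -> %zu steps, last byte wrong -> %zu steps\n",
           steps_constant_time(secret_tag, guess_first_byte_wrong, 8),
           steps_constant_time(secret_tag, guess_last_byte_wrong, 8));
    return 0;
}
```

The early-exit version does less work the earlier the guess is wrong, which is what lets an observer recover a secret one byte at a time; the constant-time version always does the same work. The overhead the author mentions is visible here too: the constant-time loop cannot stop early even when the answer is already known.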
According to Venkat, AMD is also prone to a separate attack in which attackers create a cross-thread covert channel that can transmit secrets with a bandwidth of 250 Kbps and an error rate of 5.6 percent. In response to the paper, AMD issued a statement to ExtremeTech saying it has reviewed the research and believes existing mitigations were not being bypassed and no new mitigations are required. AMD recommends that its existing side-channel mitigation guidance and standard secure coding practices be followed.
Though Intel and AMD have set up virtual fences to fend off attackers, the researchers warn that the chip makers should still be worried, because techniques like transient execution, though still theoretical, continue to pose serious risks.