[Cryptography] Speculation considered harmful?

Bill Frantz frantz at pwpconsult.com
Tue Jan 9 18:39:19 EST 2018 

On 1/9/18 at 1:36 PM, cryptography at dukhovni.org (Viktor 
Dukhovni) wrote:

>>On Jan 9, 2018, at 2:42 PM, Jerry Leichter <leichter at lrw.com> wrote:
>>
>>Spectre involves code within one hardware security domain gaining access to information *within the
>same security domain*.
>
>My reading of the Spectre paper finds no such constraint.
>Concurrent execution that trips over the vulnerable "gadget"
>seems to suffice even across process boundaries.  Did I miss
>some crucial text that narrows the exposure?

My reading is the same as Victor's. Note that the Branch Target 
Buffer is addressed by virtual address -- sometimes just a 
truncation of a virtual address. It does not have address space 
information or process ID or anything which would confine it to 
one process/security domain.

To quote from the Spectre paper:

     In most cases,  the attack begins with a setup phase,
     where  the  adversary  performs  operations  that  mistrain
     the  processor  so  that  it  will  later  make  an  exploitably
     erroneous speculative prediction.  In addition, the setup
     phase  usually  includes  steps  to  that  help  induce  spec-
     ulative execution, such as performing targeted memory
     reads that cause the processor to evict from its cache a
     value that is required to determine the destination of a
     branching instruction.   During the setup phase,  the ad-
     versary  can  also  prepare  the  side  channel  that  
will  be
     used for extracting the victim’s information, e.g. by per-
     forming  the  flush  or  evict  portion  of  a  
flush+reload  or
     evict+reload attack.

     During the second phase, the processor speculatively
     executes instruction(s) that transfer confidential informa-
     tion  from  the  victim  context  into  a  microarchitectural
     side channel.

Cheers - BIll
-----------------------------------------------------------------------
Bill Frantz        | I like the farmers' market   | Periwinkle
(408)356-8506      | because I can get fruits and | 16345 
Englewood Ave
www.pwpconsult.com | vegetables without stickers. | Los Gatos, 
CA 95032

More information about the cryptography mailing list