Jun 6, 2:00 – 3:15 PM
79 RSVPs
Information security is of paramount importance in computing systems, especially in secure and complex high-performance applications. Vulnerabilities can be introduced during both software and hardware development stages. Microarchitectural features designed to boost performance, such as speculative execution, make this even more challenging. These features include out-of-order execution, prefetching, and branch prediction.
Finding a balance between performance and security is both interesting and challenging. For example, recent vulnerabilities such as Spectre, Meltdown, and Go Fetch highlight these challenges. Go Fetch is a vulnerability affecting Apple silicon devices, while Spectre and Meltdown were more widespread, impacting many more devices. All these vulnerabilities are exploited using cache timing side channels.
Side-channel attacks are not limited to timing side channels. They can be applied to any method of gathering secret information by monitoring changes in shared mediums within a processor. These can be purely physical, such as electromagnetic interference (EMI) and changes in power consumption, or microarchitectural, such as cache state or differences in execution time. All these methods can reveal secure information, whether it is a password, encryption key, or any other sensitive data. Timing side channels are typically used to exploit other vulnerable implementations in hardware and software. Caches are the most popular side channels and are crucial since they are present in every system and are surrounded by various speculative accesses. Care must be taken while developing hardware and software that handle sensitive information to ensure secure computing.
Imagination Technologies
Senior Design Engineer
RISC-V International
Technical Program Manager
Contact Us