English
Related papers

Related papers: ret2spec: Speculative Execution Using Return Stack…

200 papers

Spectre v1 attacks, which exploit conditional branch misprediction, are often identified with attacks that bypass array bounds checking to leak data from a victim's memory. Generally, however, Spectre v1 attacks can exploit any conditional…

Cryptography and Security · Computer Science 2021-07-05 Ofek Kirzner , Adam Morrison

Modern out-of-order CPUs heavily rely on speculative execution for performance optimization, with branch prediction serving as a cornerstone to minimize stalls and maximize efficiency. Whenever shared branch prediction resources lack proper…

Cryptography and Security · Computer Science 2025-06-10 Yuhui Zhu , Alessandro Biondi

Spectre attacks disclosed in early 2018 expose data leakage scenarios via cache side channels. Specifically, speculatively executed paths due to branch mis-prediction may bring secret data into the cache which are then exposed via cache…

Cryptography and Security · Computer Science 2020-05-26 Guanhua Wang , Sudipta Chattopadhyay , Arnab Kumar Biswas , Tulika Mitra , Abhik Roychoudhury

CPU cache is a limited but crucial storage component in modern processors, whereas the cache timing side-channel may inadvertently leak information through the physically measurable timing variance. Speculative execution, an essential…

Cryptography and Security · Computer Science 2020-02-18 Shengjian Guo , Yueqi Chen , Peng Li , Yueqiang Cheng , Huibo Wang , Meng Wu , Zhiqiang Zuo

Attacks like Spectre abuse speculative execution, one of the key performance optimizations of modern CPUs. Recently, several testing tools have emerged to automatically detect speculative leaks in commercial (black-box) CPUs. However, the…

Cryptography and Security · Computer Science 2023-01-19 Oleksii Oleksenko , Marco Guarnieri , Boris Köpf , Mark Silberstein

Speculative side-channel attacks access sensitive data and use transmitters to leak the data during wrong-path execution. Various defenses have been proposed to prevent such information leakage. However, not all speculatively executed…

Cryptography and Security · Computer Science 2022-12-05 Pavlos Aimoniotis , Christos Sakalis , Magnus Själander , Stefanos Kaxiras

Microarchitectural attacks represent a challenging and persistent threat to modern processors, exploiting inherent design vulnerabilities in processors to leak sensitive information or compromise systems. Of particular concern is the…

Cryptography and Security · Computer Science 2024-10-31 Mohamadreza Rostami , Shaza Zeitouni , Rahul Kande , Chen Chen , Pouya Mahmoody , Jeyavijayan , Rajendran , Ahmad-Reza Sadeghi

Modern microarchitectures incorporate optimization techniques such as speculative loads and store forwarding to improve the memory bottleneck. The processor executes the load speculatively before the stores, and forwards the data of a…

Cryptography and Security · Computer Science 2019-06-04 Saad Islam , Ahmad Moghimi , Ida Bruhns , Moritz Krebbel , Berk Gulmezoglu , Thomas Eisenbarth , Berk Sunar

The recent discovery of the Spectre and Meltdown attacks represents a watershed moment not just for the field of Computer Security, but also of Programming Languages. This paper explores speculative side-channel attacks and their…

Programming Languages · Computer Science 2019-02-15 Ross Mcilroy , Jaroslav Sevcik , Tobias Tebbi , Ben L. Titzer , Toon Verwaest

We present uSpectre, a new class of transient execution attacks that exploit microcode branch mispredictions to transiently leak sensitive data. We find that many long-known and recently-discovered transient execution attacks, which were…

Cryptography and Security · Computer Science 2025-01-23 Nicholas Mosier , Hamed Nemati , John C. Mitchell , Caroline Trippel

Modern processors have suffered a deluge of threats exploiting branch instruction collisions inside the branch prediction unit (BPU), from eavesdropping on secret-related branch operations to triggering malicious speculative executions.…

Cryptography and Security · Computer Science 2022-04-22 Tao Zhang , Timothy Lesch , Kenneth Koltermann , Dmitry Evtyushkin

Spectre, Meltdown, and related attacks have demonstrated that kernels, hypervisors, trusted execution environments, and browsers are prone to information disclosure through micro-architectural weaknesses. However, it remains unclear as to…

Transient execution attacks utilize micro-architectural covert channels to leak secrets that should not have been accessible during logical program execution. Commonly used micro-architectural covert channels are those that leave lasting…

Cryptography and Security · Computer Science 2020-06-24 Jacob Fustos , Michael Bechtel , Heechul Yun

Performance-enhancing mechanisms such as branch prediction, out-of-order execution, and return stack buffer (RSB) have been widely employed in today's modern processing units. Although successful in increasing the CPU performance,…

Cryptography and Security · Computer Science 2023-02-21 Farhad Taheri , Siavash Bayat-Sarmadi , Alireza Sadeghpour , Seyed Parsa Tayefeh Morsal

Modern microprocessors depend on speculative execution, creating vulnerabilities that enable transient execution attacks. Prior defenses target speculative data leakage but overlook false dependencies from partial address aliasing, where…

Cryptography and Security · Computer Science 2026-01-30 Gayathri Subramanian , Girinath P , Nitya Ranganathan , Kamakoti Veezhinathan , Gopalakrishnan Srinivasan

Recently discovered Spectre and meltdown attacks affects almost all processors by leaking confidential information to other processes through side-channel attacks. These vulnerabilities expose design flaws in the architecture of modern…

Cryptography and Security · Computer Science 2020-06-03 Bilal Ali Ahmad

Recent research has revealed an ever-growing class of microarchitectural attacks that exploit speculative execution, a standard feature in modern processors. Proposed and deployed countermeasures involve a variety of compiler updates,…

Cryptography and Security · Computer Science 2022-08-17 Jan Philipp Thoma , Jakob Feldtkeller , Markus Krausz , Tim Güneysu , Daniel J. Bernstein

The Spectre vulnerability in modern processors has been widely reported. The key insight in this vulnerability is that speculative execution in processors can be misused to access the secrets. Subsequently, even though the speculatively…

Cryptography and Security · Computer Science 2019-11-13 Guanhua Wang , Sudipta Chattopadhyay , Ivan Gotovchits , Tulika Mitra , Abhik Roychoudhury

Spectre and Meltdown attacks and their variants exploit hardware performance optimization features to cause security breaches. Secret information is accessed and leaked through covert or side channels. New attack variants keep appearing and…

Cryptography and Security · Computer Science 2020-12-24 Zecheng He , Guangyuan Hu , Ruby Lee

Spectre attacks and their many subsequent variants are a new vulnerability class affecting modern CPUs. The attacks rely on the ability to misguide speculative execution, generally by exploiting the branch prediction structures, to execute…

Cryptography and Security · Computer Science 2019-12-06 Esmaeil Mohammadian Koruyeh , Shirin Haji Amin Shirazi , Khaled N. Khasawneh , Chengyu Song , Nael Abu-Ghazaleh