English
Related papers

Related papers: GhostKnight: Breaching Data Integrity via Speculat…

200 papers

Modern processors use branch prediction and speculative execution to maximize performance. For example, if the destination of a branch depends on a memory value that is in the process of being read, CPUs will try guess the destination and…

Cryptography and Security · Computer Science 2018-01-08 Paul Kocher , Daniel Genkin , Daniel Gruss , Werner Haas , Mike Hamburg , Moritz Lipp , Stefan Mangard , Thomas Prescher , Michael Schwarz , Yuval Yarom

Transient execution attacks, also called speculative execution attacks, have drawn much interest as they exploit the transient execution of instructions, e.g., during branch prediction, to leak data. Transient execution is fundamental to…

Cryptography and Security · Computer Science 2020-09-01 Wenjie Xiong , Jakub Szefer

Practical attacks that exploit speculative execution can leak confidential information via microarchitectural side channels. The recently-demonstrated Spectre attacks leverage speculative loads which circumvent access checks to read…

Cryptography and Security · Computer Science 2018-07-11 Vladimir Kiriansky , Carl Waldspurger

Reasoning about correctness and security of software is increasingly difficult due to the complexity of modern microarchitectural features such as out-of-order execution. A class of security vulnerabilities termed Spectre that exploits side…

Programming Languages · Computer Science 2020-04-02 Robert J. Colvin , Kirsten Winter

Spectre attacks exploit microprocessor speculative execution to read and transmit forbidden data outside the attacker's trust domain and sandbox. Recent hardware schemes allow potentially-unsafe speculative accesses but prevent the secret's…

Hardware Architecture · Computer Science 2023-06-14 Conor Green , Cole Nelson , Mithuna Thottethodi , T. N. Vijaykumar

Speculative execution is an optimization technique that has been part of CPUs for over a decade. It predicts the outcome and target of branch instructions to avoid stalling the execution pipeline. However, until recently, the security…

Cryptography and Security · Computer Science 2018-08-21 Giorgi Maisuradze , Christian Rossow

Speculative execution which is used pervasively in modern CPUs can leave side effects in the processor caches and other structures even when the speculated instructions do not commit and their direct effect is not visible. The recent…

Cryptography and Security · Computer Science 2018-06-19 Khaled N. Khasawneh , Esmaeil Mohammadian Koruyeh , Chengyu Song , Dmitry Evtyushkin , Dmitry Ponomarev , Nael Abu-Ghazaleh

Speculative attacks such as Spectre can leak secret information without being discovered by the operating system. Speculative execution vulnerabilities are finicky and deep in the sense that to exploit them, it requires intensive manual…

Cryptography and Security · Computer Science 2025-04-04 Evan Lai , Wenjie Xiong , Edward Suh , Mohit Tiwari , Mulong Luo

Recent security vulnerabilities that target speculative execution (e.g., Spectre) present a significant challenge for processor design. The highly publicized vulnerability uses speculative execution to learn victim secrets by changing cache…

Speculative execution attacks leverage the speculative and out-of-order execution features in modern computer processors to access secret data or execute code that should not be executed. Secret information can then be leaked through a…

Cryptography and Security · Computer Science 2023-02-03 Guangyuan Hu , Zecheng He , Ruby Lee

Spectre attacks disclosed in early 2018 expose data leakage scenarios via cache side channels. Specifically, speculatively executed paths due to branch mis-prediction may bring secret data into the cache which are then exposed via cache…

Cryptography and Security · Computer Science 2020-05-26 Guanhua Wang , Sudipta Chattopadhyay , Arnab Kumar Biswas , Tulika Mitra , Abhik Roychoudhury

Runahead execution is a continuously evolving microarchitectural technique for processor performance. This paper introduces the first transient execution attack on the runahead execution, called SPECRUN, which exploits the unresolved branch…

Hardware Architecture · Computer Science 2023-12-05 Chaoqun Shen , Gang Qu , Jiliang Zhang

Research on transient execution attacks including Spectre and Meltdown showed that exception or branch misprediction events might leave secret-dependent traces in the CPU's microarchitectural state. This observation led to a proliferation…

Speculative execution techniques have been a cornerstone of modern processors to improve instruction-level parallelism. However, recent studies showed that this kind of techniques could be exploited by attackers to leak secret data via…

Cryptography and Security · Computer Science 2021-07-20 Bowen Tang , Chenggang Wu , Zhe Wang , Lichen Jia , Pen-Chung Yew , Yueqiang Cheng , Yinqian Zhang , Chenxi Wang , Guoqing Harry Xu

Transient execution attacks that exploit speculation have raised significant concerns in computer systems. Typically, branch predictors are leveraged to trigger mis-speculation in transient execution attacks. In this work, we demonstrate a…

Cryptography and Security · Computer Science 2021-11-02 Md Hafizul Islam Chowdhuryy , Fan Yao

Spectre v1 attacks, which exploit conditional branch misprediction, are often identified with attacks that bypass array bounds checking to leak data from a victim's memory. Generally, however, Spectre v1 attacks can exploit any conditional…

Cryptography and Security · Computer Science 2021-07-05 Ofek Kirzner , Adam Morrison

Spectre and Meltdown attacks and their variants exploit hardware performance optimization features to cause security breaches. Secret information is accessed and leaked through covert or side channels. New attack variants keep appearing and…

Cryptography and Security · Computer Science 2020-12-24 Zecheng He , Guangyuan Hu , Ruby Lee

Transient execution attacks utilize micro-architectural covert channels to leak secrets that should not have been accessible during logical program execution. Commonly used micro-architectural covert channels are those that leave lasting…

Cryptography and Security · Computer Science 2020-06-24 Jacob Fustos , Michael Bechtel , Heechul Yun

Speculative execution enhances processor performance by predicting intermediate results and executing instructions based on these predictions. However, incorrect predictions can lead to security vulnerabilities, as speculative instructions…

Cryptography and Security · Computer Science 2026-04-01 Xaver Fabian , Marco Guarnieri , Boris Köpf , Jose F. Morales , Marco Patrignani , Jan Reineke , Andres Sanchez

We present uSpectre, a new class of transient execution attacks that exploit microcode branch mispredictions to transiently leak sensitive data. We find that many long-known and recently-discovered transient execution attacks, which were…

Cryptography and Security · Computer Science 2025-01-23 Nicholas Mosier , Hamed Nemati , John C. Mitchell , Caroline Trippel
‹ Prev 1 2 3 10 Next ›