English

Exorcising Spectres with Secure Compilers

Programming Languages 2021-09-13 v4

Abstract

Attackers can access sensitive information of programs by exploiting the side-effects of speculatively-executed instructions using Spectre attacks. To mitigate theses attacks, popular compilers deployed a wide range of countermeasures. The security of these countermeasures, however, has not been ascertained: while some of them are believed to be secure, others are known to be insecure and result in vulnerable programs. To reason about the security guarantees of these compiler-inserted countermeasures, this paper presents a framework comprising several secure compilation criteria characterizing when compilers produce code resistant against Spectre attacks. With this framework, we perform a comprehensive security analysis of compiler-level countermeasures against Spectre attacks implemented in major compilers. This work provides sound foundations to formally reason about the security of compiler-level countermeasures against Spectre attacks as well as the first proofs of security and insecurity of said countermeasures.

Keywords

Cite

@article{arxiv.1910.08607,
  title  = {Exorcising Spectres with Secure Compilers},
  author = {Marco Patrignani and Marco Guarnieri},
  journal= {arXiv preprint arXiv:1910.08607},
  year   = {2021}
}
R2 v1 2026-06-23T11:48:12.842Z