When Spectre, a class of critical vulnerabilities impacting modern processors, was publicly revealed in January 2018, the researchers behind the discovery said, “As it is not easy to fix, it will haunt us for quite some time,” explaining the inspiration behind naming the speculative execution attacks.
Indeed, it’s been more than three years, and there is no end to Spectre in sight.
A team of academics from the University of Virginia and University of California, San Diego, have discovered a new line of attack that bypasses all current Spectre protections built into the chips, potentially putting almost every system — desktops, laptops, cloud servers, and smartphones — once again at risk just as they were three years ago.
The disclosure of Spectre and Meltdown opened a floodgates of sorts, what with endless variants of the attacks coming to light in the intervening years, even as chipmakers like Intel, ARM, and AMD have continually scrambled to incorporate defenses to alleviate the vulnerabilities that permit malicious code to read passwords, encryption keys, and other valuable information directly from a computer’s kernel memory.
A timing side-channel attack at its core, Spectre breaks the isolation between different applications and takes advantage of an optimization method called speculative execution in CPU hardware implementations to trick programs into accessing arbitrary locations in memory and thus leak their secrets.
“A Spectre attack tricks the processor into executing instructions along the wrong path,” the researchers said. “Even though the processor recovers and correctly completes its task, hackers can access confidential data while the processor is heading the wrong way.”
The new attack method exploits what’s called a micro-operations (aka micro-ops or μops) cache, an on-chip component that decomposes machine instructions into simpler commands and speeds up computing, as a side-channel to divulge secret information. Micro-op caches have been built into Intel-based machines manufactured since 2011.
“Intel’s suggested defense against Spectre, which is called LFENCE, places sensitive code in a waiting area until the security checks are executed, and only then is the sensitive code allowed to execute,” Ashish Venkat, an assistant professor at the University of Virginia and a co-author of the study, said. “But it turns out the walls of this waiting area have ears, which our attack exploits. We show how an attacker can smuggle secrets through the micro-op cache by using it as a covert channel.”
On AMD Zen microarchitectures, the micro-ops disclosure primitive can be exploited to achieve a covert data transmission channel with a bandwidth of 250 Kbps with an error rate of 5.59% or 168.58 Kbps with error correction, the researchers detailed.
Intel, in its guidelines for countering timing attacks against cryptographic implementations, recommends adhering to constant-time programming principles, a practice that’s easier said than done, necessitating that software changes alone cannot adequately mitigate threats arising out of speculative execution.
“Constant-time programming is not only hard in terms of the actual programmer effort, but also entails high performance overhead and significant deployment challenges related to patching all sensitive software,” Venkat said in a statement shared with The Hacker News. “The percentage of code that is written using Constant Time principles is in fact quite small. Relying on this would be dangerous. That is why we still need to secure the hardware”
The silver lining here is that exploiting Spectre vulnerabilities is difficult. To safeguard from the new attack, the researchers propose flushing the micro-ops cache, a technique that offsets the performance benefits gained by using the cache in the first place, leverage performance counters to detect anomalies in the micro-op cache, and partition it based on the level of privilege assigned to the code and prevent unauthorized code from gaining higher privileges.
“The micro-op cache as a side channel has several dangerous implications,” the researchers said. “First, it bypasses all techniques that mitigate caches as side channels. Second, these attacks are not detected by any existing attack or malware profile. Third, because the micro-op cache sits at the front of the pipeline, well before execution, certain defenses that mitigate Spectre and other transient execution attacks by restricting speculative cache updates still remain vulnerable to micro-op cache attacks.”