Presentation: How Performance Optimizations Shatter Security Boundaries

Track: Modern CS in the Real World

Location: St James, 4th flr.

Duration: 4:10pm - 5:00pm

Day of week: Monday

Level: Advanced

Share this on:

Abstract

With the customers demand of high-performance computing, CPU manufacturers deploy more and more sophisticated optimizations in their processors to increase the performance as much as possible. However, these performance optimizations often come with the downside of enabling side-channel attacks to infer sensitive information. With the beginning of this year, two critical vulnerabilities exploiting hardware optimizations in modern processors were disclosed to the public: Meltdown and Spectre. These vulnerabilities, affecting processors of all big manufacturers, allow programs to steal sensitive data processed on personal computers, mobile phones and in the cloud.

In this talk, we explain how the Meltdown and Spectre vulnerabilities exploit hardware optimizations to read otherwise inaccessible data processed on the computer. We explain the necessary background to understand the underlying issue and the uncomfortable security consequences they bring. We share the story of our research group and explain why it is no coincidence that four independent teams of researchers discovered the same vulnerabilities in roughly the same time frame. Furthermore, we discuss countermeasures to protect against these attacks and show how that Meltdown can be prevented entirely in software.

Question: 

What is the focus of your work today?

Answer: 

The work of our Secure Systems group at Graz University of Technology focuses on the secure and efficient implementation of (cryptographic) algorithms, security architectures as well as side-channel and fault attacks. Personally, my main focus is on microarchitectural side-channel attacks on personal computers and mobile devices. We explore the side-effects of hardware implementations, e.g. through the CPU’s cache, that leak sensitive data (cryptographic keys, passwords), or allow to spy on user behavior. On the other hand, we look at possible countermeasures mitigating these attacks.

Question: 

What’s the motivation for this talk?

Answer: 

With the beginning of the year, two major CPU vulnerabilities have been disclosed to the public. Namely, Meltdown and Spectre – These two vulnerabilities exploit performance optimizations done in hardware and allow to read arbitrary memory and therefore, the memory of the kernel and other applications. By doing so, all security assumptions given by address space isolation and paravirtualized environments and, thus, every security mechanism that builds upon this foundation, are broken. We have seen in the past that almost every performance optimization opens a side-channel that could be exploited. With this talk, I not only want to give an overview about Meltdown and Spectre but also want to show that performance is linked to side-channels and that we should optimize for security in the future as well.

Question: 

How you you describe the persona and level of the target audience?

Answer: 

I assume that the target audience has a strong background in software development and practices but probably a smaller background in the actual hardware underneath executing the software. I assume that most people in the audience are not familiar with side-channel attacks. 

Question: 

What do you “that” persona to walk away from your talk knowing that they might not have known 50 minutes before?

Answer: 

I want to illustrate how Meltdown and Spectre works in way that it is comprehensible (maybe with analogies) so that everyone has a basic understanding on how those attacks work. I want to give some basic operating systems background and explain quite simple how the countermeasure against Meltdown is working as well as some information about Spectre mitigations.

People should walk away with an idea about the attacks and the attack potential of side-channel attacks.

Question: 

What trend in the next 12 months would you recommend an early adopter/early majority SWE to pay particular attention to?

Answer: 

I have to admit that I am not that up-to-date with current trends in software development, but in the case of Spectre probably compiler updates and extensions that try to mitigate attacks.

Speaker: Moritz Lipp

Researcher in Information Security at Graz University of Technology

Moritz Lipp is a researcher in information security at Graz University of Technology. He is pursuing his PhD with a strong focus on microarchitectural side-channel attacks on personal computers and mobile devices at the Institute of Applied Information Processing and Communications. His research has been published at top academic conferences and presented on different venues around the world.

Find Moritz Lipp at

Tracks

Monday, 5 March

Tuesday, 6 March

Wednesday, 7 March