Explore a comprehensive conference talk on SPECCFI, a novel approach to mitigating Spectre attacks using Control-Flow Integrity (CFI) informed speculation. Delve into the intricacies of this security technique designed to prevent speculative control-flow hijacking in modern CPUs. Learn about the implementation of CFI principles to constrain illegal control-flow during speculative execution, focusing on both forward and backward control-flow paths. Discover how SPECCFI combines with existing solutions to address all known non-vendor-specific Spectre vulnerabilities. Examine the talk's coverage of micro-architectural attacks, Spectre attack steps, related work, and ISA extensions. Gain insights into the main design, including CFG computation, SPECCFI under attack scenarios, and backward-edge defense mechanisms. Analyze the implementation details, security evaluation, and performance assessment of this innovative approach to enhancing CPU security against speculative execution vulnerabilities.
Mitigating Spectre Attacks Using CFI Informed Speculation
Overview
Syllabus
Intro
Micro-Architectural Attacks
Spectre Attack Steps
Related Work
Instructions Set Architecture (ISA) Extension
Main design: compute CFG(2)
SPECCFI Under Attack
Backward-edge Defense
Implementation
Security Evaluation
Performance Evaluation
Taught by
IEEE Symposium on Security and Privacy
