Researchers have created a new system which is able to reduce the risk of memory-based attacks such as Meltdown and Spectre.
First uncovered back in January, the vulnerabilities have existed in most Intel CPUs since 1995, alongside some AMD and ARM processors. Because of design faults in modern CPUs, the security issues can provide the environment needed to conduct timing attacks.
In the cases of Meltdown and Spectre, cyberattackers are able to exploit how memory processes work in firmware. Processors do not sit idle; they compute countless decisions and complete tasks in nanoseconds -- and in order to boost the power of this hardware, engineers have utilized what is known as speculative execution.
In other words, a processor is able to execute instructions while it waits for memory. Once the memory facet is ready, unnecessary instructions are discarded.
Speed is given a boost, but the design trick has also created a pathway for attackers to make a processor speculatively execute code, potentially leading to memory access and data leaks.
The vulnerabilities impact everything from consumer PCs to cloud service providers worldwide, with many industry analysts believing that chip redesigns are the only way to properly protect against these timing attacks -- while maintaining the performance levels they were designed for.
Patches have been developed to protect against Meltdown and Spectre with vendors including Apple, Microsoft, and the Linux team deploying these fixes -- however, the performance of Meltdown/Spectre-vulnerable hardware is sometimes slowed.
Intel, for example, has released security fixes which the company claims make processors "immune" to both attacks.
However, researchers from MIT's Computer Science and Artificial Intelligence Laboratory (CSAIL) believe the security fix can be improved for future chips.
"These attacks fundamentally changed our understanding of what's trustworthy in a system, and force us to re-examine where we devote security resources," says Ilia Lebedev, researcher and Ph.D. student at MIT CSAIL. "They've shown that we need to be paying much more attention to the microarchitecture of systems."
Lebedev and his team at MIT CSAIL are working on a system which they say is a more effective alternative for protecting modern PC architecture against timing attacks, and the invention has proven to be more secure than Intel's "Cache Allocation Technology" (CAT).
Intel employed CAT back in 2016. Using the analogy of a kitchen, MIT CSAIL says that while Intel's solution has chefs working in different sections -- in memory -- and they all know their own particular recipes and ingredients, leaks of the recipe can still occur.
The team's solution, in contrast, builds walls between the chefs, their ingredients, and recipes, and prevents communication which could lead to information leaks.
The 'chefs,' in this case, are "protection domains" which are walled off by "secure way partitioning" in the cache memory.
The counterpart system, labeled the Dynamically Allocated Way Guard (DAWG) in a hat-tip to Intel's CAT, splits the cache into multiple buckets.
In a paper on the research, the team described how their system is able to fully isolate programs through the cache, preventing data leaks and securing the channel currently used for timing attacks.
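The effect of walling off cache ways per protection domain can be seen in a toy software model, added here as an illustration; it is not code from the MIT CSAIL paper or from Intel. The 8-way set, LRU replacement, the 4/4 split and every name in it (CacheSet, attacker_misses and so on) are assumptions of the example.

```python
# Toy software model (added example, not DAWG's hardware design): one cache set
# with LRU replacement, either shared by all domains or split into per-domain ways.
from collections import OrderedDict

WAYS = 8  # assumed associativity of the modelled set

class CacheSet:
    def __init__(self, partitions=None):
        # partitions: {domain: ways owned}; None = one pool shared by every domain
        self.partitioned = partitions is not None
        sizes = partitions if self.partitioned else {None: WAYS}
        assert sum(sizes.values()) <= WAYS
        self.pools = {dom: (OrderedDict(), n) for dom, n in sizes.items()}

    def access(self, domain, tag):
        """Return True on a hit; on a miss, fill the line and return False."""
        lines, capacity = self.pools[domain if self.partitioned else None]
        if tag in lines:
            lines.move_to_end(tag)       # refresh LRU position
            return True
        if len(lines) >= capacity:
            lines.popitem(last=False)    # evict the least recently used line in this pool
        lines[tag] = True
        return False

def attacker_misses(cache, attacker_ways, secret_bit):
    """Attacker fills its ways, the victim runs, the attacker re-reads its lines.
    The victim touches this set only when secret_bit is 1 (constructed victim).
    Returns how many attacker re-reads miss, i.e. the timing signal."""
    own = [f"A{i}" for i in range(attacker_ways)]
    for tag in own:
        cache.access("attacker", tag)
    if secret_bit:
        cache.access("victim", "V0")
    return sum(not cache.access("attacker", tag) for tag in own)

def signal(make_cache, attacker_ways):
    """Miss counts the attacker sees for secret_bit = 0 and secret_bit = 1."""
    return tuple(attacker_misses(make_cache(), attacker_ways, b) for b in (0, 1))

def shared_signal():
    return signal(lambda: CacheSet(), WAYS)

def partitioned_signal():
    return signal(lambda: CacheSet({"attacker": 4, "victim": 4}), 4)

if __name__ == "__main__":
    print("shared cache    :", shared_signal())       # counts differ, so the bit is observable
    print("way-partitioned :", partitioned_signal())  # counts equal, so nothing is observable
```

In the shared set the victim's single fill evicts an attacker line and the miss count depends on the secret bit; with per-domain ways the attacker's count is the same for both values.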
During testing, the team said they found that DAWG was not only comparable to CAT in performance, but also required "minimal" modifications to modern systems to implement.
"We think this is an important step forward in giving computer architects, cloud providers, and other IT professionals a better way to efficiently and dynamically allocate resources," says Vladimir Kiriansky, lead author of the paper. "It establishes clear boundaries for where sharing should and should not happen so that programs with sensitive information can keep that data reasonably secure."
The team has warned that DAWG is not yet a silver bullet for Meltdown and Spectre-style attacks, but in terms of improving the way vendors are currently protecting hardware against them, anything which requires few modifications and may not impact processor performance is worthwhile.
MIT CSAIL is now working on refining DAWG to stop all of the speculative-execution attack types which we currently know about.
"There's a tension between performance and security that's come to a head for a community of architecture designers that have always tried to share as much as possible in as many places as possible," Lebedev says. "On the other hand, if security was the only priority, we'd have separate computers for every program we want to run so that no information could ever leak, which obviously isn't practical. DAWG is part of a growing body of work trying to reconcile these two opposing forces."
The research will be presented next week at the IEEE/ACM International Symposium on Microarchitecture (MICRO) in Fukuoka City, Japan.