Researchers at the Massachusetts Institute of Technology (MIT) have unveiled a system, the Dynamically Allocated Way Guard (DAWG), which they claim could head off attacks of the Spectre and Meltdown variety.
The announcement back in January of the Spectre and Meltdown families of security vulnerabilities, encoded in the very silicon of most modern processors as an unforeseen consequence of features added to improve performance, triggered the start of an annus horribilis for the semiconductor industry. Intel in particular remains the vendor most badly affected by the flaws, and was forced to release performance-sapping security patches which had an unfortunate tendency to crash systems.
Since the original variants were unveiled, new versions have been coming to light: Spectre Variant 4, Variant 1.1 and 1.2, SpectreRSB, and the remotely-exploitable NetSpectre to name but a handful. While Intel's latest CPUs include hardware protection against some variants, others rely on microcode or software patches - but a new protection technique from MIT researchers could solve the problem.
'These attacks fundamentally changed our understanding of what's trustworthy in a system, and force us to re-examine where we devote security resources,' explains Ilia Lebedev, a PhD student at MIT's Computer Science and Artificial Intelligence Laboratory (CSAIL), of his team's investigations into the Meltdown and Spectre vulnerabilities. 'They've shown that we need to be paying much more attention to the microarchitecture of systems.'
The team's work builds on Intel's Cache Allocation Technology (CAT), which was introduced in 2016 to improve security but failed to go far enough to prevent Spectre and Meltdown. Playfully dubbed DAWG, somewhat awkwardly backronymed as 'Dynamically Allocated Way Guard', the system provides a method to completely isolate each program thread from others - and, crucially, has a minimal performance impact above that of CAT while requiring only minor modifications to the underlying operating system to implement.
'We think this is an important step forward in giving computer architects, cloud providers and other IT professionals a better way to efficiently and dynamically allocate resources,' claims lead author Vladimir Kiriansky. 'It establishes clear boundaries for where sharing should and should not happen, so that programs with sensitive information can keep that data reasonably secure.'
While DAWG shows promise for protection against both current and future Spectre and Meltdown attacks, it's not a panacea: the team warns that the system hasn't yet been developed to the point where it can protect against the full spectrum of currently-known attacks, though it is confident it will be able to do so with future development. Kiriansky is also hopeful that Intel will be interested in adopting the technique, or one substantially similar: 'With all the negative PR that's come up, companies like Intel have the incentives to get this right,' he claims. 'The stars are aligned to make an approach like this happen.'
The team's paper on DAWG is available in the IACR Cryptology ePrint Archive (PDF warning).
November 22 2019 | 13:00