PH.D DEFENCE - PUBLIC SEMINAR

Building Efficient and Secure Processors through Hardware/Software Co-design

Speaker
Mr. Ali Hajiabadi
Advisor
Dr Trevor Erik Carlson, Assistant Professor, School of Computing


09 May 2024 Thursday, 09:00 AM to 10:30 AM

TR9, COM2 01-08

Abstract:

After decades of performance-centered research to design modern processors, we have reached a point where efficiency and security are the major concerns. In the post-Moore and post-Spectre era, we need to re-think the fundamental features of processors to build efficient and secure processors for the future.

In this thesis, we first introduce two new speculation-based attacks in modern CPUs that exploit the speculative fetch (frontend speculation) and speculative execution (backend speculation) features of processors. These attacks demonstrate the need for comprehensive and efficient defenses; ideal defenses protect secrets efficiently across all potential speculation sources and leakage channels.

We propose different solutions in this thesis to solve various fundamental efficiency and security limitations of modern CPUs. Our solutions adopt a hardware/software co-design approach; a clean-slate re-design of hardware and software allows us to provide highly efficient and secure processors with low complexity.

First, we present a non-speculative, compiler-informed out-of-order commit processor that addresses the in-order commit limitations of current CPUs; in-order commit limits the performance benefits of out-of-order execution. Second, we explore different defenses to address speculation-based vulnerabilities. Our solutions provide comprehensive defenses that demonstrate significant performance improvements compared to the state of the art. Interestingly, we propose a defense exclusively designed for cryptographic applications, which are the primary targets of attackers because they directly access and process secrets. Counterintuitively, our defense improves performance compared to an unprotected baseline processor while providing the highest security guarantee. Our key insight is that constant-time cryptographic programs are highly regular, and their control flow is constant; branch prediction is not needed in the first place. An efficient hardware/software mechanism can enforce always-correct control flow decisions while eliminating the misprediction penalties of current, unprotected processors.

Finally, we address the fundamental limitation of modern CPUs arising from out-of-order execution; we show that while instructions are executed out-of-order, their order is highly deterministic. This deterministic scheduling makes it easy for attackers to leak sensitive information through physical side channels, like power consumption and electromagnetic radiation. In this thesis, we propose a new instruction scheduling approach that allows for random and fine-grained instruction reordering without affecting the critical path of the application, and hence incurs minimal performance overhead.

In summary, we show that more intelligent and software-guided instruction execution and resource retirement can provide strong security and high efficiency. We argue that hardware/software co-design is our silver bullet in the post-Moore and post-Spectre era to achieve efficient and comprehensively secure general-purpose processors.