Computer scientists from the University of California, the College of William and Mary, and Binghamton University have published a paper detailing a new
Computer scientists from the University of California, the College of William and Mary, and Binghamton University have published a paper detailing a new «design principle» that avoids speculative execution vulnerabilities.
Researchers says that the SafeSpec model supports «speculation in a way that is immune to the sidechannel leakage necessary for attacks such as Meltdown and Spectre «. Importantly, the design also avoids the problems associated with other Meltdown/Spectre fixes.
See also:
In a paper entitled «SafeSpec: Banishing the Spectre of a Meltdown with Leakage-Free Speculation», six researchers «explore whether speculation can be made leakage free in a principled way, enabling CPUs to retain the performance advantages of speculation while removing the security vulnerabilities that speculation exposes». With this in mind, SafeSpec stores the speculative state «in temporary structures that are not accessible by committed instructions».
The team says in its paper that SafeSpec does not suffer with any of the performance issues associated with Meltdown and Spectre patches, not does it break Google’s Retpoline technique for preventing branch-target-injection.
Importantly, SafeSpec protects not only against the known variants of Spectre and Meltdown, but also new variants developed by the researchers as part of its work — and the team says that using the design actually helped to improve CPU performance.
There is still work to do, and you should not expect to see speculative execution vulnerabilities wiped about in the near future. However, the researchers believe that the design «represents a first step in many towards a principled protection»against such vulnerabilities.
Image credit: Production Perig / Shutterstock
