Treffer: A framework for leaking secrets to past instructions.

Transient execution attacks use microarchitectural covert channels to leak secrets that should not have been accessible during logical program execution. Commonly used micro-architectural covert channels are those that leave lasting footprints in the micro-architectural state, for example, a cache state change, from which the secret is recovered after the transient execution is completed. In this paper, we present SpectreRewind, a new approach to create and exploit contention-based covert channels for transient execution attacks. In our approach, a covert channel is established by issuing the necessary instructions logically before the transiently executed victim code. Unlike prior contention-based covert channels, which require simultaneous multi-threading (SMT), SpectreRewind works on a single hardware thread and does not require SMT. We show that contention on the floating point division unit on commodity out-of-order processors can be used to create a high-performance (∼ 100 KB/s), low-noise covert channel for transient execution attacks instead of commonly used flush+reload-based cache covert channels. We also show that the proposed covert channel works in the JavaScript sandbox environment of a Chrome browser and can be used in a Meltdown attack. [ABSTRACT FROM AUTHOR]

Copyright of Journal of Cryptographic Engineering is the property of Springer Nature and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)