Researchers claim to find new solution for Specter, Meltdown



[ad_1]

Credit: Jaiz Anuar / ShutterstockCredit: Jaiz Anuar / ShutterstockSpectrum and Meltdown shook many PC enthusiasts when they were revealed. These were essentially the first speculative performance flaws to grab the attention of the world and, as they touched to varying degrees the Intel and AMD processors, the Internet had been a cause of concern for several months. Finally, researchers have discovered more and more speculative performance defects. But researchers at the MIT Computer Science and Artificial Intelligence Laboratory (CSAIL) now believe they have found a way to prevent these attacks.

The researchers called their solution Dynamically Allocated Way Guard (DAWG) and revealed it in a recent article. This name stands in contrast to Intel 's Technology Allocation Technology (CAT) technology and is meant to prevent attackers from accessing seemingly secure information by exploiting the flaws of the speculative execution process. Best of all, DAWG would need very few resources that CAT did not already use and could be enabled with operating system changes instead of requiring the silicon-integrated fixes that many thought were needed to solve these. problems.

The auxiliary channel attacks revealed at the beginning of the year are mainly aimed at compromising memory data when the processor decides where to go. This would then allow them to collect passwords, encryption keys and other data that they could then use to gain full access to a targeted system. The attacks varied according to the vulnerabilities they exploited and how they could be handled. The merger required updates to the operating system and firmware. Spectrum was thought to require modifications to CPU architectures, but CSAIL said DAWG is blocking Spectrum.

Here's how the researchers summarized their approach with DAWG:

"Unlike existing mechanisms such as CAT, DAWG prohibits access to all protection domains, affecting access paths to items and cache coherence, and DAWG addresses these issues by making minimal changes to systems." 39 modern exploitation, while reducing the area of ​​attack of operating systems to a small number of annotated sections where data is moved from one area of ​​protection to another, or In these few routines, DAWG protection is relaxed and other defense mechanisms such as speculation barriers are applied as needed. "

CSAIL warned that DAWG was not a perfect solution for all side channel attacks. The researchers believe that the system will defend against spectral variants 1 and 2, as well as other vulnerabilities based on similar techniques (they also plan to continue training the DAWG to allow it to bark, defend against such attacks). If they are right and their solution is widely adopted, the impact of Spectrum could be significantly reduced without users having to buy new processors or sacrifice too much performance in exchange for security, as many people do. feared (wrongly).

[ad_2]
Source link