Removing Information Leakage from Branch Predictors
For Dr. Tiwari’s Security: Hardware-Software Interface course, Stephen Pruett and I investigated how to prevent side and covert channels in branch predictors. We discovered that static partitioning between concurrent hardware threads (i.e., SMT), combined with predictor state flushing between context switches, completely eliminates information leakage at a minimal performance impact. This is unsurprising because typical commercial machines support only a small number of SMT threads: 2 in the case of Intel and 8 in the case of IBM POWER8. We also introduced a novel prediction update scheme that ensured that the only predictor state transitions that occurred were ones indistinguishable to the attacker. While our new predictor scaled well with many SMT threads, we found its performance to be comparable to a random prediction.
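The first result above (static partitioning plus flushing) as an added toy model, not the authors' predictor or simulator: it checks whether an observer's view of a table of 2-bit saturating counters depends on a victim's secret-dependent branch. The table size, branch address, counter scheme and all class and function names are assumptions made for illustration.

```python
class Predictor:
    """Table of 2-bit saturating counters used by several SMT hardware threads."""
    def __init__(self, entries=16, threads=2, partitioned=False):
        self.entries, self.threads, self.partitioned = entries, threads, partitioned
        self.table = [1] * entries            # 1 = weakly not-taken (reset value)

    def _slice(self, tid):
        # Static partitioning: each hardware thread owns a fixed range of entries.
        if not self.partitioned:
            return 0, self.entries
        size = self.entries // self.threads
        return tid * size, size

    def _index(self, tid, pc):
        base, size = self._slice(tid)
        return base + pc % size

    def predict(self, tid, pc):
        return self.table[self._index(tid, pc)] >= 2

    def update(self, tid, pc, taken):
        i = self._index(tid, pc)
        self.table[i] = min(3, self.table[i] + 1) if taken else max(0, self.table[i] - 1)

    def flush(self, tid):
        # Context switch on hardware thread `tid`: reset every entry it can reach.
        base, size = self._slice(tid)
        self.table[base:base + size] = [1] * size

PC = 0x40  # constructed branch address

def observe(secret, partitioned, flush_on_switch):
    """Return what (SMT sibling, next process on the same thread) see after the victim ran.
    The view is modelled as the prediction received; hardware exposes it through timing."""
    bp = Predictor(partitioned=partitioned)
    for _ in range(3):
        bp.update(0, PC, taken=bool(secret))  # victim branch depends on the secret
    sibling = bp.predict(1, PC)               # concurrent hardware thread 1
    if flush_on_switch:
        bp.flush(0)
    successor = bp.predict(0, PC)             # process scheduled after the victim
    return sibling, successor

def leaks(partitioned, flush_on_switch):
    """A channel exists when an observation differs between secret=0 and secret=1."""
    a, b = (observe(s, partitioned, flush_on_switch) for s in (0, 1))
    return {"smt": a[0] != b[0], "context_switch": a[1] != b[1]}

if __name__ == "__main__":
    for part in (False, True):
        for fl in (False, True):
            print(f"partitioned={part} flush={fl} -> {leaks(part, fl)}")
```

In this model, partitioning alone closes only the SMT channel and flushing alone closes only the context-switch channel; both are needed for neither observer's view to depend on the secret.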