Skip to main content

TS

No security without time protection: we need a new hardware-software contract

Authors

Qian Ge, Yuval Yarom and Gernot Heiser

DATA61

Best Paper Award! Complete timing-channel data for evaluated x86 and Arm platforms.

Abstract

The recent Spectre exploits demonstrated that covert timing channels are a mainstream security threat. Their prevention requires that operating systems provide time protection, in addition to the established memory protection. We propose OS mechanisms and designs which provide time protection, and define requirements on the hardware to enable them. We demonstrate that present mainstream processors do not meet these requirements, making them inherently insecure. We argue the need for a new security-oriented hardware-software contract, which we call the aISA as it augments the ISA, in order to enable time protection.

BibTeX Entry

  @inproceedings{Ge_YH_18,
    publisher        = {ACM SIGOPS},
    doi              = {10.1145/3265723.3265724},
    booktitle        = {Asia-Pacific Workshop on Systems (APSys)},
    author           = {Ge, Qian and Yarom, Yuval and Heiser, Gernot},
    year             = {2018},
    month            = aug,
    date             = {2018-8-27},
    title            = {No Security Without Time Protection: We Need a New Hardware-Software Contract},
    address          = {Korea}
  }

Download

Served by Apache on Linux on seL4.