Hardware sharing among the cloud tenants have made micro-architectural attacks a potent threat on the execution of cryptographic algorithms on cloud platforms. Branch predictors, which are one of the most important and evolved artifacts of modern day processors designed traditionally with performance as the sole objective, have been shown to expose a sweet spot for attackers. The vulnerability of Branch Prediction Unit was first demonstrated in (ASK06) using timing side channel information from a standard RSA implementation. The variations of the timing information was performed utilizing the underlying Branch Prediction Unit (BPU), using both synchronous and asynchronous techniques. A more sophisticated form of the branch prediction attack were demonstrated on recent Intel processors in (BM15), which utilize the strong correlation between the branch mispredictions from the victim system BPU, observed using Hardware Performance Counters (HPCs) and that from a simplistic classic BPU model to retrieve the complete secret exponent of public key cryptosystems, like RSA. A differential attack using branch misprediction events has also been carried out elaborately in (BM14). In addition to targeting cryptographic algorithms, side channels on the BPU can be used to perform other types of side-channel attacks, such as deriving kernel and user-level ASLR offset (EPA16b), or covert channels (EPA15; EPA16a). Evtyushkin et.al (EPA15) introduced a new covert channel to perform secret communication between the Trojan and the spy processes which exploits the residual state of dynamic branch predictor behavior of the system. A recent work named BranchScope (ERAP18) from the same group of authors target the directional branch predictor and show a series of steps which can force the complex structure of hybrid predictors to collide to the same data structure. These attacks have become more relevant with the promotion of large scale cloud computing, where the same hardware is being shared by cloud tenants. Thus potential leakages via these BPU units can drastically affect security in clouds, which is of utmost importance. An architectural design strategy keeping security as its the primary objective is not much explored in the literature. I will discuss on a secure design of branch predictor: λ-confidence predictor which invalidates the direct proportionality of branch mispredictions from known predictor structures. The secure predictor also introduces a hashed indexing scheme which is essential to prevent branch collision based attacks on the shared table structures such as BTB and PHT.
Slide deck