Topics
Instruction Set Extensions
Instruction set extensions are an important area of study at the Chair for Security Engineering. Our recent work on various RISC-V platforms demonstrates their role in improving both security and performance in modern computing, from embedded systems up to desktop-grade hardware.
Our paper Recommendations for a Holistic Secure Embedded ISA Extension explores augmenting an architecture with security-focused instructions to mitigate both remote software-based attacks and physical fault injection attacks. By exploiting synergies between the security primitives and reusing hardware components, we strike a balance between robust defense mechanisms and minimal performance overhead.
Similarly, To Extend or Not to Extend: Agile Masking Instructions for PQC shows how an instruction set extension can accelerate post-quantum cryptography implementations while preserving resistance against power side-channel attacks. It introduces custom Boolean-masked operations that yield a significant speedup over approaches that synthesize the same primitives from existing instructions.
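To make concrete what a masked operation costs when it has to be synthesized from an ordinary ISA, here is an added example in C (not code from the paper or from the chair) of two-share Boolean masking: XOR acts share-wise with no randomness, while AND needs a fresh random word and a fixed evaluation order. The xorshift generator standing in for a hardware random source, the masked32 type and the function names are assumptions of this example.

```c
#include <stdint.h>
#include <stdio.h>

/* Two-share Boolean masking: a value x is held as x0 ^ x1 where x0 is
 * uniformly random, so neither share alone carries information about x. */
typedef struct { uint32_t s0, s1; } masked32;

/* Constructed stand-in for a hardware RNG (xorshift32). A real masked
 * implementation must draw its masks from a TRNG or a seeded DRBG. */
static uint32_t rng_state = 0x2545F491u;
static uint32_t fresh_random(void) {
    uint32_t x = rng_state;
    x ^= x << 13; x ^= x >> 17; x ^= x << 5;
    return rng_state = x;
}

/* Split a sensitive value into two shares. */
masked32 mask_value(uint32_t x) {
    masked32 m;
    m.s0 = fresh_random();
    m.s1 = x ^ m.s0;
    return m;
}

/* Recombine the shares (only done at the very end of a computation). */
uint32_t unmask(masked32 m) { return m.s0 ^ m.s1; }

/* XOR is linear over GF(2): one instruction per share, no randomness. */
masked32 masked_xor(masked32 a, masked32 b) {
    masked32 c = { a.s0 ^ b.s0, a.s1 ^ b.s1 };
    return c;
}

/* Secure AND for two shares (Trichina / ISW construction):
 *   c0 = (a0 & b0) ^ r
 *   c1 = (((r ^ (a0 & b1)) ^ (a1 & b0)) ^ (a1 & b1))
 * The bracketing matters: the cross terms a0&b1 and a1&b0 are never
 * combined with each other before the fresh mask r is applied, otherwise
 * an intermediate value would depend on the unmasked a or b. Cost: four
 * ANDs, four XORs and one random word, versus the single AND of the
 * unmasked computation. */
masked32 masked_and(masked32 a, masked32 b) {
    uint32_t r = fresh_random();
    masked32 c;
    c.s0 = (a.s0 & b.s0) ^ r;
    c.s1 = ((r ^ (a.s0 & b.s1)) ^ (a.s1 & b.s0)) ^ (a.s1 & b.s1);
    return c;
}

int main(void) {
    masked32 a = mask_value(0xF0F0F0F0u), b = mask_value(0xFF00FF00u);
    printf("and: %08x  xor: %08x\n",
           unmask(masked_and(a, b)), unmask(masked_xor(a, b)));
    return 0;
}
```

One caveat of the pure-C version: the compiler is free to reassociate the XOR chain in masked_and, which is functionally harmless but can recreate an intermediate that depends on an unmasked operand. Masked software therefore needs compiler barriers or hand-written assembly to pin the operation order, which is one reason a dedicated masked instruction that performs the whole gadget atomically is attractive.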
Lastly, Three Sidekicks to Support Spectre Countermeasures proposes adding a conditional move (cmov), a custom branch, and zero-overhead loop (ZOL) instructions to reduce speculative execution vulnerabilities such as Spectre. These additions not only mitigate the risks posed by speculation but also recover performance, showing up to a 16.6% improvement over systems that disable speculation entirely.
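The branch-versus-select distinction that a conditional move instruction targets can be seen at the C level. The following is an added example, not code from Three Sidekicks or from the chair: a Spectre-v1-shaped gadget with a conventional bounds-check branch, beside a variant in which the branch is replaced by an arithmetic mask (the same construction as the Linux kernel's array_index_mask_nospec), so that no branch the predictor could bypass guards the two loads. The array contents and the probe-array encoding are constructed for the demonstration; ARRAY1_LEN, PROBE_STRIDE and the function names are hypothetical.

```c
#include <stdint.h>
#include <stddef.h>
#include <limits.h>
#include <stdio.h>

#define ARRAY1_LEN   16
#define PROBE_STRIDE 64

/* Constructed data: array1 is what the caller is allowed to read; in a real
 * victim the secret sits somewhere beyond it in memory. */
static const uint8_t array1[ARRAY1_LEN] =
    {1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16};
static uint8_t probe[256 * PROBE_STRIDE];

/* Fill the probe array so that probe[v * PROBE_STRIDE] == v, which makes
 * the demo return values easy to check. */
void init_probe(void) {
    for (size_t k = 0; k < sizeof probe; k++)
        probe[k] = (uint8_t)(k / PROBE_STRIDE);
}

/* Spectre-v1 shape: the branch predictor may execute both loads with an
 * out-of-bounds idx before the comparison resolves. Architecturally the
 * function is correct, but the probe line that gets cached encodes
 * array1[idx], i.e. a byte the caller was not allowed to read. */
uint8_t gadget_branch(size_t idx) {
    if (idx < ARRAY1_LEN)
        return probe[array1[idx] * PROBE_STRIDE];
    return 0;
}

/* Branchless mask: all ones when idx < size, zero otherwise, using only
 * arithmetic (no comparison that compiles to a branch). Requires
 * size < SIZE_MAX/2 so that size - idx - 1 cannot set the top bit for an
 * in-bounds idx. */
size_t index_mask_nospec(size_t idx, size_t size) {
    size_t oob = (idx | (size - idx - 1)) >> (sizeof(size_t) * CHAR_BIT - 1);
    return oob - 1;   /* 0 - 1 wraps to all ones when in bounds */
}

/* Same contract as gadget_branch, but the index is clamped to 0 by the
 * mask and the result zeroed for out-of-bounds idx, so even a speculative
 * execution only ever touches array1[0..ARRAY1_LEN-1]. */
uint8_t gadget_masked(size_t idx) {
    size_t mask = index_mask_nospec(idx, ARRAY1_LEN);
    size_t safe = idx & mask;                         /* out of bounds -> 0 */
    uint8_t v = probe[array1[safe] * PROBE_STRIDE];   /* always in bounds */
    return (uint8_t)(v & mask);                       /* keep the 0 result */
}

int main(void) {
    init_probe();
    printf("branch(3)=%u masked(3)=%u masked(100)=%u\n",
           gadget_branch(3), gadget_masked(3), gadget_masked(100));
    return 0;
}
```

The mask form is branch-free by construction, whereas a C select such as `cond ? idx : 0` may or may not be lowered to a conditional move depending on the compiler and target; on a base ISA without a cmov it is typically compiled back into a branch. A hardware conditional move (or a branch with defined non-speculative semantics) is what lets the compiler express such selects without reintroducing a predictable branch in front of the loads.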
Collectively, these works underscore the potential of instruction set extensions in achieving secure and efficient computing across diverse domains.
Secure microarchitectures
At the Chair for Security Engineering, one research area focuses on secure microarchitecture, a critical field for data security and privacy. Our research aims to understand and mitigate vulnerabilities in processor microarchitectures that can be exploited through timing side-channel attacks to extract sensitive information. We explore the use of randomization to mask data placement in structures like the cache or TLB, complicating attacks.
ClepsydraCache combines randomization with a temporal aspect, while TLBCoat applies randomization to the TLB. SCARF, a lightweight tweakable block cipher, serves as a secure and fast randomization function. We also study the effect of different replacement policies on the performance and security of randomized caches. While randomization is a promising approach, we have also looked at approaches that dynamically detect and mitigate ongoing attacks on the cache; this is where CIPS, the Cache Intrusion Prevention System, was created. Switching sides from defender to attacker led us to the discovery that subsequent writes on an Intel CPU can cause timing differences, which can be used to build eviction sets for contention-based attacks on cache architectures.
Delving into the realm of Spectre attacks, we developed BasicBlocker, a generic ISA modification that allows secure non-speculative CPUs to achieve performance benefits similar to speculative execution. Additionally, our paper Three Sidekicks to Support Spectre Countermeasures proposes code transformations to reduce the performance overhead of existing Spectre mitigations.