Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Libra: Architectural Support For Principled, Secure And Efficient Balanced Execution On High-End Processors (Extended Version)

Hans Winderix, Marton Bognar, Lesly-Ann Daniel, Frank Piessens

TL;DR

This work tackles the CFL threat by challenging the assumption that secret-dependent control flow must be eliminated on modern high-end processors. It introduces Libra, a principled hardware-software contract that enables secure balanced execution by combining software-based folding of secret-dependent regions with targeted hardware support, including a folded memory layout and a level-offset ISA. The authors formalize the semantics, prove the folding transformation correct and secure, and characterize which hardware optimizations leak information, offering concrete design guidelines. Implemented on an out-of-order RISC-V core, Libra achieves balanced-execution overhead on par with insecure balanced code and outperforms state-of-the-art linearization by up to 19.3%, with modest hardware cost. The work provides a practical path to secure, efficient performance for high-end processors without disabling core microarchitectural features, advancing secure compilation for side-channel defenses and informing hardware designers.

Abstract

Control-flow leakage (CFL) attacks enable an attacker to expose control-flow decisions of a victim program via side-channel observations. Linearization (i.e., elimination) of secret-dependent control flow is the main countermeasure against these attacks, yet it comes at a non-negligible cost. Conversely, balancing secret-dependent branches often incurs a smaller overhead, but is notoriously insecure on high-end processors. Hence, linearization has been widely believed to be the only effective countermeasure against CFL attacks. In this paper, we challenge this belief and investigate an unexplored alternative: how to securely balance secret-dependent branches on higher-end processors? We propose Libra, a generic and principled hardware-software codesign to efficiently address CFL on high-end processors. We perform a systematic classification of hardware primitives leaking control flow from the literature, and provide guidelines to handle them with our design. Importantly, Libra enables secure control-flow balancing without the need to disable performance-critical hardware such as the instruction cache and the prefetcher. We formalize the semantics of Libra and propose a code transformation algorithm for securing programs, which we prove correct and secure. Finally, we implement and evaluate Libra on an out-of-order RISC-V processor, showing performance overhead on par with insecure balanced code, and outperforming state-of-the-art linearized code by 19.3%.

Libra: Architectural Support For Principled, Secure And Efficient Balanced Execution On High-End Processors (Extended Version)

TL;DR

This work tackles the CFL threat by challenging the assumption that secret-dependent control flow must be eliminated on modern high-end processors. It introduces Libra, a principled hardware-software contract that enables secure balanced execution by combining software-based folding of secret-dependent regions with targeted hardware support, including a folded memory layout and a level-offset ISA. The authors formalize the semantics, prove the folding transformation correct and secure, and characterize which hardware optimizations leak information, offering concrete design guidelines. Implemented on an out-of-order RISC-V core, Libra achieves balanced-execution overhead on par with insecure balanced code and outperforms state-of-the-art linearization by up to 19.3%, with modest hardware cost. The work provides a practical path to secure, efficient performance for high-end processors without disabling core microarchitectural features, advancing secure compilation for side-channel defenses and informing hardware designers.

Abstract

Control-flow leakage (CFL) attacks enable an attacker to expose control-flow decisions of a victim program via side-channel observations. Linearization (i.e., elimination) of secret-dependent control flow is the main countermeasure against these attacks, yet it comes at a non-negligible cost. Conversely, balancing secret-dependent branches often incurs a smaller overhead, but is notoriously insecure on high-end processors. Hence, linearization has been widely believed to be the only effective countermeasure against CFL attacks. In this paper, we challenge this belief and investigate an unexplored alternative: how to securely balance secret-dependent branches on higher-end processors? We propose Libra, a generic and principled hardware-software codesign to efficiently address CFL on high-end processors. We perform a systematic classification of hardware primitives leaking control flow from the literature, and provide guidelines to handle them with our design. Importantly, Libra enables secure control-flow balancing without the need to disable performance-critical hardware such as the instruction cache and the prefetcher. We formalize the semantics of Libra and propose a code transformation algorithm for securing programs, which we prove correct and secure. Finally, we implement and evaluate Libra on an out-of-order RISC-V processor, showing performance overhead on par with insecure balanced code, and outperforming state-of-the-art linearized code by 19.3%.
Paper Structure (67 sections, 5 theorems, 5 equations, 4 figures, 2 tables, 5 algorithms)

This paper contains 67 sections, 5 theorems, 5 equations, 4 figures, 2 tables, 5 algorithms.

Table of Contents

  1. Introduction
  2. Our Proposal
  3. Additional material
  4. Terminology and Background
  5. Terminology
  6. The Control-Flow Leakage Problem
  7. Control-Flow Leakage Attacks
  8. Control-Flow Balancing
  9. Control-Flow Linearization
  10. This paper
  11. Threat Model
  12. Overview of Libra
  13. Leakage Contract
  14. ISA Extension
  15. How does Libra address unbalanceable leakage?
  16. ...and 52 more sections

Key Result

Proposition 1

For any ${\color{RoyalBlue}\hbox{\unboldmath{$\mathsf{asm}$}}}$ program ${{\color{RoyalBlue}\hbox{\unboldmath{$\mathsf{P}$}}}}$, number of steps $n$, and initial source and target configurations ${\color{RoyalBlue}\hbox{\unboldmath{$\mathsf{\sigma}$}}}{}$ and $\mathbf{\bm{\mathrm{{\color{RedOrange }

Figures (4)

  • Figure 1: A program and its CFG.
  • Figure 2: Syntax of ${\color{RoyalBlue}\hbox{\unboldmath{$\mathsf{asm}$}}}$ and $\mathbf{\bm{\mathrm{{\color{RedOrange }{asm}}}}}$ instructions where $\textcolor{instcolor}{op1}{} \in \{\textcolor{instcolor}{neg}{}, \textcolor{instcolor}{load}{} \dots\}$ and $\textcolor{instcolor}{op2}{} \in \{\textcolor{instcolor}{add}{}, \textcolor{instcolor}{mul}{}, \dots\}$ are non-control-flow-altering unary and binary instructions and $b \in \{\bot, \top\}$ is an immediate boolean operand. A program ${P}$ is a partial mapping from locations to instructions and ${{P[ \ell]}}$ denotes the instruction at location $\ell$.
  • Figure 3: Excerpt of the Libra semantics, where ${\mathit{{\color{black}{\hbox{\unboldmath{$\mathit{q}$}}}}}} \in \{\textcolor{instcolor}{lo}, \textcolor{instcolor}{s}, \varepsilon\}$ and $o{} = \textsl{obs}({\langle m, r, \lambda \cdot (\texttt{bbc}, \texttt{off}) \rangle})$.
  • Figure 4: Definition of $\textsl{obs}^{-}$ according to the Libra leakage contract (excerpt). Other rules (r-unsafe, lr-unsafe, etc.) are analogous.

Theorems & Definitions (20)

  • Definition 1: Basic block
  • Definition 2: Control-flow graph
  • Definition 3: Distance
  • Definition 4: Postdominance
  • Definition 5: Level structure
  • Definition 6: $*$Level slice
  • Definition 7: $*$Secret-dependent region
  • Definition 8: Indistinguishability
  • Definition 9: obs-ONI
  • Example 1: Folding branches
  • ...and 10 more