Architectural Mimicry: Innovative Instructions to Efficiently Address Control-Flow Leakage in Data-Oblivious Programs
Hans Winderix, Marton Bognar, Job Noorman, Lesly-Ann Daniel, Frank Piessens
IEEE Symposium on Security and Privacy 2024 · Day 3 · Continental Ballroom 5
In an era where the security of sensitive data is paramount, **microarchitectural side-channel attacks** pose a significant threat, particularly those targeting **control-flow leakage**. These attacks exploit subtle differences in a program's execution characteristics—such as timing, cache usage, or branch predictor state—to infer secret information based on which path a conditional branch took. The talk "Architectural Mimicry: Innovative Instructions to Efficiently Address Control-Flow Leakage in Data-Oblivious Programs" by Hans Winderix and his co-authors introduces a groundbreaking **hardware-software co-design** approach to fundamentally address this problem.
AI review
This research introduces Architectural Mimicry (AM), a groundbreaking hardware-software co-design with a new ISA extension and 'mimic execution' primitive, fundamentally addressing control-flow leakage in data-oblivious programs. It offers provably secure, efficient countermeasures that significantly reduce performance overhead (50-60%) compared to software-only solutions, making robust side-channel protection practical. This work delivers a critical advancement in hardware-assisted security, decoupling security policy from source code.