Shesha: Multi-head Microarchitectural Leakage Discovery in new-generation Intel Processors

Anirban Chakraborty

33rd USENIX Security Symposium · Day 1 · USENIX Security '24

This talk introduces Shesha, an innovative automated framework designed to discover novel microarchitectural leakage vulnerabilities in modern Intel processors. Given the increasing complexity of processor designs and the subtle nature of transient execution side channels, manual discovery of these vulnerabilities is an arduous and time-consuming task, often requiring specialized expertise and sophisticated mechanisms. Shesha addresses this challenge by leveraging **Particle Swarm Optimization (PSO)**, an evolutionary algorithm, to systematically explore the vast instruction sequence space and identify specific sequences that trigger "bad speculation" events, which can subsequently lead to data leakage.
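To make the search idea in the abstract concrete, the following is an added example (written for this page, not code from the Shesha authors or their framework) of a discrete Particle Swarm Optimization over fixed-length instruction sequences. Everything in it is an assumption for illustration: the seven-symbol instruction alphabet, the six-position sequence length, and above all the fitness function, which is a constructed stand-in (Hamming similarity to a hidden target sequence) for what the abstract describes as the real signal, the number of "bad speculation" events a candidate sequence triggers when executed and measured with hardware performance counters. The PSO mechanics are the point: each particle is a candidate sequence, and per position it keeps its own symbol, copies its personal best, copies the swarm-wide best, or mutates, so the swarm converges on sequences that maximise the fitness without ever enumerating the full sequence space.

```python
import random
from dataclasses import dataclass

# Constructed instruction-class alphabet; a real fuzzer would use actual mnemonics.
ALPHABET = ["nop", "alu", "load", "store", "fma", "vec", "branch"]
SEQ_LEN = 6

# Constructed hidden target. Stand-in only: in a real framework the fitness
# would be a measurement (e.g. a bad-speculation event count), not a lookup.
_TARGET = ["load", "fma", "vec", "branch", "store", "nop"]


def stand_in_fitness(seq):
    """Constructed stand-in fitness: number of positions matching the hidden target.

    Replace this with the real measurement of the candidate sequence; the PSO
    loop below only relies on 'higher is better'.
    """
    return sum(1 for got, want in zip(seq, _TARGET) if got == want)


@dataclass
class Particle:
    position: list          # current candidate instruction sequence
    best_position: list     # personal best sequence seen so far
    best_fitness: int       # fitness of best_position


def _step(particle, gbest, rng, inertia, c_personal, c_global, mutation):
    """Discrete PSO update: per position, choose a source for the new symbol.

    The probabilities play the role of the inertia/cognitive/social weights
    of continuous PSO: keep own symbol, pull toward personal best, pull
    toward global best, or mutate to a random symbol.
    """
    assert abs(inertia + c_personal + c_global + mutation - 1.0) < 1e-9
    new_pos = []
    for i, sym in enumerate(particle.position):
        r = rng.random()
        if r < mutation:
            new_pos.append(rng.choice(ALPHABET))
        elif r < mutation + c_global:
            new_pos.append(gbest[i])
        elif r < mutation + c_global + c_personal:
            new_pos.append(particle.best_position[i])
        else:
            new_pos.append(sym)
    particle.position = new_pos


def run_search(seed=7, swarm_size=30, iterations=300, fitness=stand_in_fitness,
               inertia=0.40, c_personal=0.25, c_global=0.25, mutation=0.10):
    """Run discrete PSO and return the best sequence found with its fitness.

    Returns a dict: {"sequence": [...], "fitness": int, "found_at": iteration}.
    """
    rng = random.Random(seed)
    swarm = []
    for _ in range(swarm_size):
        pos = [rng.choice(ALPHABET) for _ in range(SEQ_LEN)]
        swarm.append(Particle(pos, list(pos), fitness(pos)))

    # Global best is initialised from the best initial particle.
    gbest_particle = max(swarm, key=lambda p: p.best_fitness)
    gbest, gbest_fit, found_at = list(gbest_particle.best_position), gbest_particle.best_fitness, 0

    for it in range(1, iterations + 1):
        for p in swarm:
            _step(p, gbest, rng, inertia, c_personal, c_global, mutation)
            f = fitness(p.position)
            if f > p.best_fitness:                 # update personal best
                p.best_fitness, p.best_position = f, list(p.position)
            if f > gbest_fit:                      # update swarm-wide best
                gbest_fit, gbest, found_at = f, list(p.position), it
        if gbest_fit == SEQ_LEN:                   # stand-in optimum reached
            break

    return {"sequence": gbest, "fitness": gbest_fit, "found_at": found_at}


if __name__ == "__main__":
    result = run_search()
    print(f"best sequence {result['sequence']} fitness {result['fitness']} "
          f"found at iteration {result['found_at']}")
```

The stand-in fitness is what makes the example run offline; the structure of `run_search` is unchanged if `fitness` is swapped for a function that assembles the candidate, executes it in a controlled harness and returns a counter reading, which is where the real cost and the real noise of this kind of search live. Fitness from hardware counters is noisy, so a practical implementation would average several runs per candidate and treat ties conservatively rather than accepting any single higher reading.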

AI review

This research introduces Shesha, a groundbreaking PSO-based framework for automated discovery of microarchitectural transient execution vulnerabilities, uncovering novel FMA-to-Vector unit leakage. This critical finding directly impacts cryptographic implementations, demanding immediate attention from processor architects and security engineers.
