Cache and Speculative Side Channel Attacks: A Comprehensive Review
摘要
Modern processors have achieved significant performance enhancements through the implementation of speculative execution. These enhancements stem from hardware optimizations that not only improve performance but also introduce side channels, which are exploited to undermine the system’s security model. Following the discovery of Spectre, which revealed that speculative execution pipelines could bypass security boundaries, nearly all microarchitectural structures and hardware optimizations have become targets for exploitation. In the wake of these attacks, the immediate response from organizations releasing mitigation patches led to noticeable performance degradation overnight, without fully addressing the underlying issues. This paper provides a comprehensive review of architecture-agnostic attacks on modern computing systems, tracing their evolution from the initial emergence of Spectre to contemporary attacks targeting Apple Silicon. We detail the mechanisms of these attacks, the environments in which they are exploited, and their broader security implications. Furthermore, we analyze various mitigation strategies that have been proposed, acknowledging that these strategies often fail to fully resolve the issues and typically incur a performance cost. These mitigation patterns include proposed changes in operating systems, hardware, and compilers. This review aims to provide researchers and architects with the foundational knowledge needed to develop more effective mitigation strategies that address the vulnerabilities while minimizing performance overhead.