It concludes that all processors that perform speculative execution will remain susceptible to various side-channel attacks, regardless of any mitigations that may be discovered in the future.
It is just over a year since the Meltdown and Spectre flaws were first disclosed. Spectre is a hardware vulnerability in microprocessors that malware can potentially exploit to access data being processed by the CPU.
Researchers found that a malicious programme can exploit the Spectre vulnerability to steal confidential data from the memory of other programmes that are running at the same time.
Spectre “can enable a website to read data stored in the browser for another website, or even the browser’s memory itself”.
To fix all existing and future Spectre bugs, hardware-makers will need to come up with new CPU microarchitecture designs.
The researchers said: “We now believe that speculative vulnerabilities on today’s hardware defeat all language-enforced confidentiality with no known comprehensive software mitigations, as we have discovered that untrusted code can construct a universal read gadget to read all memory in the same address space through side-channels.”
Intel has already said it will include some hardware fixes for known and specific hardware bugs in future CPUs.
The researchers offered several potential solutions, including disabling speculative execution entirely, precision timer mitigation and branchless masking. They noted that these mitigations are not without their issues, each carrying a performance penalty if implemented.
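To show what the "branchless masking" mitigation mentioned above looks like in practice, here is an added illustration (not code from the researchers' paper): a bounds check written as a conditional branch beside the same lookup rewritten so that an out-of-range index is clamped to zero by arithmetic alone, leaving the CPU no branch to mispredict before the array load. The table contents and index values are constructed for the example.

```c
#include <stddef.h>
#include <stdint.h>

/* Constructed sample table; a real program would hold secrets elsewhere
   in the same address space, which is what a mispredicted load can reach. */
enum { TABLE_LEN = 16 };
static const uint8_t table[TABLE_LEN] = {
    10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25
};

/* Branch-based check. Architecturally correct, but while the branch is
   unresolved the CPU may speculatively execute table[idx] for an idx far
   outside the table, leaving a cache footprint that a side channel can read. */
uint8_t lookup_branch(size_t idx)
{
    if (idx < TABLE_LEN)
        return table[idx];
    return 0;
}

/* Branchless mask: all-ones when idx < len, zero otherwise, computed with
   unsigned arithmetic only (no conditional branch to mispredict).
   Assumes idx and len are both below SIZE_MAX/2, so (idx - len) wraps and
   sets the top bit exactly when idx < len. */
size_t index_mask(size_t idx, size_t len)
{
    size_t borrow = (idx - len) >> (sizeof(size_t) * 8 - 1); /* 1 iff idx < len */
    return (size_t)0 - borrow;                                /* SIZE_MAX or 0 */
}

/* Masked lookup: an out-of-range idx becomes 0 before the load, so even
   a speculatively executed load stays inside the table. */
uint8_t lookup_masked(size_t idx)
{
    return table[idx & index_mask(idx, TABLE_LEN)];
}
```

The mask only addresses bounds-check bypass on this one load; as the researchers note, no such software mitigation is comprehensive.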
They concluded: “Our models, our mental models, are wrong; we have been trading security for performance and complexity all along and didn’t know it. It is now a painful irony that today, defence requires even more complexity with software mitigations, most of which we know to be incomplete. And complexity makes these three open problems all that much harder. Spectre is, perhaps, too appropriately named as it seems destined to haunt us for a long time.”