Daniel Genkin on Spectre and Meltown security flaws
The Department welcomes comments, suggestions and corrections. Send email to editor [at] cs [dot] umd [dot] edu.
What exactly initiated this research? In other words, what are Spectre and Meltdown's origin stories?
The whole topic of microarchitectural attacks has been researched in the community for quite a while. What you see here is a number of ideas coming to fruition. Many side channel attack researchers have suspected various related issues for quite a while. I remember discussing some of these ideas with colleagues as far back as 2016, and I’m sure I was not the first. Of course, none of us actually knew how big the problem is.
As you have discovered this flaw in security using an attack that you've constructed, what are the chances that this or other "microarchitectural attacks" could actually happen in the wild? Particularly now that this flaw has been made eminently public?
It’s not only me, it’s a team effort, involving many people and a lot of work. I cannot speculate about the chances, especially since there are other attacks out there which are easier to exploit and are just as effective (e.g., getting information via phishing).
This flaw may have come at a hardware/software development phase of the Intel and AMD processors (among others) because teams who work on these parts of the processor may not be in conversation with each other. What do you suggest happen during the development of these processors now?
These teams are talking to each other when needed, in particular on security related topics. This is an industry-wide issue, and as such the entire industry comes up with ways to deal with it. The reason why we have this flaw is much deeper, and has nothing to do with miscommunications between teams. No one stopped to consider the effects of speculative execution of instructions on hardware security. It was widely believed that speculative execution had no security implications, and that belief turned out to be false.
In your paper, you mention that the KAISER patch, which can mitigate the Meltdown attack, does nothing for the Spectre attack. The next question is, what can be done?
Spectre is much harder to mitigate, and will take time to properly understand what the effects are, and how to defend against these attacks. There is no simple fix here.
Companies, including Google, have intimated that fixes to these flaws are easily executed. Is that true? If not, why not?
It is not easy, as any update involving millions of machines is never easy. That said, it is possible to make these attacks harder. Mitigating the issue completely will take some time, however.
What can a 'regular user' of computing devices do in the face of possibilities of these sorts of attacks?
Nothing besides making sure that you have installed the latest updates.
Do you plan on giving talks about this research in the immediate future?
I’m currently traveling in Israel and already gave a few talks here. As invitations come in, we distribute them in the team given availability.
Finally, tell me a little bit about yourself. What drew you to security research? When you decided to attend graduate school at the Technion, was that your original plan? What next lies in store for you?
I have enjoyed tinkering and fiddling with things all my life, and trying to see what can and cannot be done is something I simply like doing. Security research fits in with these goals as you are often trying to push the boundary of scientific knowledge. I’m also in debt to my advisors: Professors Eran Tromer (Tel Aviv University) and Yuval Ishai (Technion) for instilling within me the drive and pursuit of science. I should also thank my postdoc hosts Professor Jonathan Katz (UMD) and Professor Nadia Heninger (UPenn) for supporting me and providing a perfect working environment. I’m currently looking for a tenure-track academic position for next year.