In the quest for efficiency and performance, edge-computing providers replace process isolation with sandboxes to support a high number of tenants per machine. While these sandboxes are secure against software vulnerabilities, microarchitectural attacks can bypass them. In this paper, we present a Spectre attack leaking secrets from co-located tenants in edge computing. Our remote Spectre attack, using amplification techniques and a remote timing server, leaks 2 bit/min. This motivates our main contribution, DyPrIs, a scalable process-isolation mechanism that only isolates suspicious worker scripts following a lightweight detection mechanism. In the worst case, DyPrIs boils down to process isolation. Our proof-of-concept implementation augments real-world cloud infrastructure used in production at large scale, Cloudflare Workers. With a false-positive rate of only 0.61%, we demonstrate that DyPrIs outperforms strict process isolation while statistically maintaining its security guarantees, fully mitigating cross-tenant Spectre attacks.
2022, ESORICS 2022: Computer Security, Pages 167-186 (volume: 13555)
Robust and Scalable Process Isolation Against Spectre in the Cloud (04b Conference paper in volume)
Schwarzl Martin, Borrello Pietro, Kogler Andreas, Varda Kenton, Schuster Thomas, Schwarz Michael, Gruss Daniel
ISBN: 978-3-031-17145-1; 978-3-031-17146-8