Presentation Material
Abstract
Transient execution attacks have been one of the widely explored microarchitectural side channels since the discovery of Spectre and Meltdown. However, much of the research has been driven by manual discovery of new transient paths through well-known speculative events. Although a few attempts exist in literature on automating transient leakage discovery, such tools focus on finding variants of known transient attacks and explore a small subset of instruction set. Further, they take a random fuzzing approach that does not scale as the complexity of search space increases. In this work, we identify that the search space of bad speculation is disjointedly fragmented into equivalence classes and then use this observation to develop a framework named Shesha, inspired by Particle Swarm Optimization, which exhibits faster convergence rates than state-of-the-art fuzzing techniques for automatic discovery of transient execution attacks. We then use Shesha to explore the vast search space of extensions to the x86 Instruction Set Architecture (ISAs), thereby focusing on previously unexplored avenues of bad speculation. As such, we report five previously unreported transient execution paths in Instruction Set Extensions (ISEs) on new generation of Intel processors. We then perform extensive reverse engineering of each of the transient execution paths and provide root-cause analysis. Using the discovered transient execution paths, we develop attack building blocks to exhibit exploitable transient windows. Finally, we demonstrate data leakage from Fused Multiply-Add instructions through SIMD buffer and extract victim data from various cryptographic implementations.
AI Generated Summary
This research presents an automated framework for discovering transient execution vulnerabilities in modern Intel processors. The core contribution is SESHA, a tool that uses particle swarm optimization (PSO) to systematically search for instruction sequences that trigger “bad speculation” events, such as code assists and machine clears, which can leave microarchitectural traces.
SESHA encodes candidate instruction sequences as mathematical vectors for the PSO algorithm, which organizes particles into sub-swarms focused on specific speculation events. This approach efficiently navigates the vast search space of possible instruction sequences. Applied across multiple Intel client and server generations (11th/12th Gen Core, 3rd/4th Gen Xeon), the framework identified four previously unknown transient leakage variants, some capable of LVI-style data injection.
A detailed case study examined Fused Multiply-Add (FMA) instructions, critical for cryptographic performance. Experiments revealed a speculative forwarding path between the FMA execution unit and the co-located vector unit (handling AVX/SSE) on the same physical core. An attacker-controlled hyperthread can force speculation in the vector unit, causing it to transiently consume and cache data from the FMA unit’s operations. This leaks sensitive intermediate values, such as multiplicative operands in modular exponentiation, from victim cryptographic code (e.g., implementations of CSIDH or SIKE) executing on the sibling hyperthread.
The work demonstrates that automated search can reliably uncover complex, cross-unit transient leakage channels. The primary implication is that widely used, performance-optimized instruction families like FMA introduce new attack surfaces in shared hardware resources, requiring careful consideration in constant-time cryptographic implementations and system isolation designs. The SESHA artifact and findings are reproduced and available.