ReCon Implementation: A Load Pair-Tracking Mechanism to Lift Security Protections on a RISC-V Processor

Modern computer processors have become extremely complex, following Moore's law and growing the number of transistors exponentially through the years. As computer systems play increasingly critical roles in our daily lives, from simple tasks such as protecting personal data and passwords to managing global banking operations, safeguarding military secrets, and securing cryptocurrency keys; processors must ensure the highest levels of dependability and security. In recent years, the world has encountered new types of security risks known as "speculative side-channel attacks". These attacks exploit vulnerabilities in the time gap between the time when a processor executes an instruction and when it confirms the instruction's validity, exposing secret data, even that in so-called protected address space, and making it observable to an external party. To address this security issue, mechanisms such as Non-speculative Data Access (NDA), Speculative Taint Tracking (STT), and Speculative Privacy Tracking (SPT) have been proposed. These methods prevent instructions from propagating secrets by blocking instructions from propagating to the rest of the architecture until they are considered finalized. This proposed security mechanisms all incur a performance hit due to the newly imposed limitations on memory parallelism, trading the reduction in performance for an increased level of security. A recently proposed mechanism denominated ReCon aims to reduce these performance limitations by lifting the restrictions on pairs of directly-dependent load instructions (such as those in pointer dereferencing) that have been previously "leaked" and for which keeping a secret is no longer relevant. This enables an improved performance by taking advantage of speculative execution for subsequent loads targeting this leaked data. The work of this thesis aims to demonstrate the feasibility and effectiveness of implementing ReCon on a real and fully-functional RISC-V processor, specifically the BOOM core. It will analyze the performance and cost of this implementation in mitigating speculative execution attacks.