We present Serberus, the first comprehensive mitigation for hardening constant-time (CT) code against Spectre attacks (involving the PHT, BTB, RSB, STL and/or PSF speculation primitives) on existing hardware. Serberus is based on three insights. First, some hardware control-flow integrity (CFI) protections restrict transient control-flow to the extent that it may be comprehensively considered by software analyses. Second, conformance to the accepted CT code discipline permits two code patterns that are unsafe in the post-Spectre era. Third, once these code patterns are addressed, all Spectre leakage of secrets in CT programs can be attributed to one of four classes of taint primitives: instructions that can transiently assign a secret value to a publicly-typed register. We evaluate Serberus on cryptographic primitives in the OpenSSL, Libsodium, and HACL* libraries. Serberus introduces 21.3% runtime overhead on average, compared to 24.9% for the next closest state-of-the-art software mitigation, which is less secure.