Citadel Develops Secure Memory Sharing Against Spectre Attacks
/ 1 min read
🛡️💡 Citadel introduces a new approach to secure memory sharing against Spectre attacks. Researchers have developed a security property called relaxed microarchitectural isolation (RMI) that enables sensitive programs to share memory with potential attackers while minimizing information leakage. By leveraging microarchitectural isolation and simple hardware mechanisms, Citadel effectively enforces RMI, balancing security, usability, and performance. The system includes two defense mechanisms: Safe mode, which disables speculative memory accesses, and Burst mode, which optimizes performance through program analysis. An FPGA-based multicore processor prototype running Linux demonstrated the ability to execute secure applications, such as cryptographic libraries, with less than 5% performance overhead, showcasing the practical viability of this approach.
