This work addresses a novel side-channel vulnerability enabled by Data Memory-dependent Prefetchers (DMPs), which can exploit stationary secret keys in memory to leak information—even when the program handles keys in a constant-time manner and avoids unsafe usage patterns. The authors propose a compiler-level defense that transforms memory operations to ensure secret keys never appear in memory as valid address-like values, thereby preventing DMP activation. Crucially, this approach requires neither disabling the DMP nor knowledge of its internal implementation, relying only on the common property that DMPs trigger on data resembling virtual addresses. Implemented in LLVM for the AArch64 architecture, the technique effectively mitigates DMP-based side-channel attacks on libsodium cryptographic primitives on Apple M-series CPUs, with modest and acceptable performance overhead.

Traditional side-channels take advantage of secrets being used as inputs to unsafe instructions, used for memory accesses, or used in control flow decisions. Constant-time programming, which restricts such code patterns, has been widely adopted as a defense against these vulnerabilities. However, new hardware optimizations in the form of Data Memory-dependent Prefetchers (DMP) present in Apple, Intel, and ARM CPUs have shown such defenses are not sufficient. These prefetchers, unlike classical prefetchers, use the content of memory as well as the trace of prior accesses to determine prefetch targets. An adversary abusing such a prefetcher has been shown to be able to mount attacks leaking data-at-rest; data that is never used by the program, even speculatively, in an unsafe manner. In response, this paper introduces SplittingSecrets, a compiler-based tool that can harden software libraries against side-channels arising from DMPs. SplittingSecrets's approach avoids reasoning about the complex internals of different DMPs and instead relies on one key aspect of all DMPs: activation requires data to resemble addresses. To prevent secret data from leaking, SplittingSecrets transforms memory operations to ensure that secrets are never stored in memory in a manner resembling an address, thereby avoiding DMP activation on those secrets. Rather than disable a DMP entirely, SplittingSecrets can provide targeted hardening for only specific secrets entirely in software. We have implemented SplittingSecrets using LLVM, supporting both source-level memory operations and those generated by the compiler backend for the AArch64 architecture, We have analyzed the performance overhead involved in safeguarding secrets from DMP-induced attacks using common primitives in libsodium, a popular cryptographic library when built for Apple M-series CPUs.