An exploration of effective fuzzing for side‐channel cache leakage

Basu, Tiyash; Aggarwal, Kartik; Wang, Chundong; Chattopadhyay, Sudipta

doi:10.1002/stvr.1718

Cited by 8 publications

(3 citation statements)

References 33 publications

(60 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…As a result, side channels in software tend to partition the input space according to traits, removing the need to explicitly check the partitioning. Fuzzing is another widely used technique for side-channel analysis [36], [8], [3], [59], [37], usually aimed at efficiently determining if sidechannel vulnerabilities are present in software. In future work, we plan to explore whether fuzzing might offer some benefits for efficiently exploring the space of hyperparameters to find values where no sensitive information is leaked.…”

Section: Workmentioning

confidence: 99%

Timing Channels in Adaptive Neural Networks

Akinsanya,

Brennan

2024

Proceedings 2024 Network and Distributed System Security Symposium

View full text Add to dashboard Cite

Current machine learning systems offer great predictive power but also require significant computational resources. As a result, the promise of a class of optimized machine learning models, called adaptive neural networks (ADNNs), has seen recent wide appeal. These models make dynamic decisions about the amount of computation to perform based on the given input, allowing for fast predictions on "easy" input. While various considerations of ADNNs have been extensively researched, how these input-dependent optimizations might introduce vulnerabilities has been hitherto under-explored. Our work is the first to demonstrate and evaluate timing channels due to the optimizations of ADNNs with the capacity to leak sensitive attributes about a user's input. We empirically study six ADNNs types and demonstrate how an attacker can significantly improve their ability to infer sensitive attributes, such as class label, of another user's input from an observed timing measurement. Our results show that timing information can increase an attacker's probability of correctly inferring the attribute of the user's input by up to a factor of 9.89x. Our empirical evaluation uses four different datasets, including those containing sensitive medical and demographic information, and considers leakage across a variety of sensitive attributes of the user's input. We conclude by demonstrating how timing channels can be exploited across the public internet in two fictitious web applications -Fictitious Health Company and Fictitious HR -that make use of ADNNs for serving predictions to their clients.

show abstract

Section: Workmentioning

confidence: 99%

Timing Channels in Adaptive Neural Networks

Akinsanya,

Brennan

2024

Proceedings 2024 Network and Distributed System Security Symposium

View full text Add to dashboard Cite

show abstract

“…In addition to power side-channel attacks, there are other types of side-channel attacks against cryptographic programs, where the side channels can be in the form of, e.g., CPU time, faults, and cache behaviors. Techniques for verification and mitigation of these Formal Verification of Higher-Order Masked Arithmetic Programs 26:37 types of side-channel attacks have been studied in the literature, such as [3,4,7,30,37,81,104,105,125,126] for timing side-channel attacks, [13,14,34,35,38,51,66,71,83,116,121,125] for cache side-channel attacks, and [12,22,28,29,56,73] for fault attacks. Each type of side-channel has unique characteristics, which usually requires specific verification techniques, so these results are orthogonal to our work.…”

Section: Related Workmentioning

confidence: 99%

A Hybrid Approach to Formal Verification of Higher-Order Masked Arithmetic Programs

Gao

Xie

Song

et al. 2021

ACM Trans. Softw. Eng. Methodol.

View full text Add to dashboard Cite

Side-channel attacks, which are capable of breaking secrecy via side-channel information, pose a growing threat to the implementation of cryptographic algorithms. Masking is an effective countermeasure against side-channel attacks by removing the statistical dependence between secrecy and power consumption via randomization. However, designing efficient and effective masked implementations turns out to be an error-prone task. Current techniques for verifying whether masked programs are secure are limited in their applicability and accuracy, especially when they are applied. To bridge this gap, in this article, we first propose a sound type system, equipped with an efficient type inference algorithm, for verifying masked arithmetic programs against higher-order attacks. We then give novel model-counting-based and pattern-matching-based methods that are able to precisely determine whether the potential leaky observable sets detected by the type system are genuine or simply spurious. We evaluate our approach on various implementations of arithmetic cryptographic programs. The experiments confirm that our approach outperforms the state-of-the-art baselines in terms of applicability, accuracy, and efficiency.

show abstract

“…In addition to power side-channel attacks, there are other types of side-channel attacks against cryptographic programs, where the side channels can be in the form of, e.g., CPU time, faults and cache behaviors. Techniques for verification and mitigation of these types of side-channel attacks have been studied in the literature, such as [2,3,5,28,35,73,91,92,108,109] for timing side-channel attacks, [11,12,32,33,36,47,60,65,75,100,105,108] for cache side-channel attacks and [10,20,26,27,52,67] for fault attacks. Each type of side-channel has unique characteristics, which usually requires specific verification techniques, so these results are orthogonal to our work.…”

Section: Related Workmentioning

confidence: 99%

A Hybrid Approach to Formal Verification of Higher-Order Masked Arithmetic Programs

Gao

Xie

Song

et al. 2020

Preprint

View full text Add to dashboard Cite

Side-channel attacks, which are capable of breaking secrecy via side-channel information, pose a growing threat to the implementation of cryptographic algorithms. Masking is an effective countermeasure against side-channel attacks by removing the statistical dependence between secrecy and power consumption via randomization. However, designing efficient and effective masked implementations turns out to be an errorprone task. Current techniques for verifying whether masked programs are secure are limited in their applicability and accuracy, especially when they are applied. To bridge this gap, in this article, we first propose a sound type system, equipped with an efficient type inference algorithm, for verifying masked arithmetic programs against higher-order attacks. We then give novel model-counting based and pattern-matching based methods which are able to precisely determine whether the potential leaky observable sets detected by the type system are genuine or simply spurious. We evaluate our approach on various implementations of arithmetic cryptographic programs. The experiments confirm that our approach outperforms the state-of-the-art baselines in terms of applicability, accuracy and efficiency.CCS Concepts: • Software and its engineering → Software verification; • Security and privacy → Logic and verification; Side-channel analysis and countermeasures.

show abstract

An exploration of effective fuzzing for side‐channel cache leakage

Cited by 8 publications

References 33 publications

Timing Channels in Adaptive Neural Networks

Timing Channels in Adaptive Neural Networks

A Hybrid Approach to Formal Verification of Higher-Order Masked Arithmetic Programs

A Hybrid Approach to Formal Verification of Higher-Order Masked Arithmetic Programs

Contact Info

Product

Resources

About