Eliminating timing side-channel leaks using program repair

Wu, Mingquan; Guo, Shengjian; Schaumont, Patrick; Wang, Chao

doi:10.1145/3213846.3213851

Cited by 84 publications

(107 citation statements)

References 80 publications

(88 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…We have implemented our method in LLVM [33] and experimentally compared it with a state-of-the-art, non-speculative static cache analysis technique [62]. In our experiments, we used a set-associative cache with the LRU replacement policy, 512 cache lines, and 64 bytes per line.…”

Section: Methodsmentioning

confidence: 99%

“…As a result, for some key values, accessing sbox results in a cache hit, but for other key values, it results in a cache miss. Although timing side channels have been investigated before [7,16,25,62], these prior works never considered speculative execution. Our contribution, in this context, is to show that even if a program is leak-free under normal execution, it may still be leaky under speculative execution.…”

Section: Side Channel Detectionmentioning

confidence: 99%

“…We first compare our method with the state-of-the-art, nonspeculative method [62]. The results are shown in Table 5.…”

Section: Effectiveness: Execution Time Estimationmentioning

confidence: 99%

“…Ferdinand and Wilhelm [18,20] pioneered the use of abstract interpretation in may-and must-hit cache analyses [61]. Others also used similar techniques to detect timing side channels [7,16,62]. However, prior works focused primarily on improving abstract interpretation without considering speculative execution.…”

Section: Related Workmentioning

confidence: 99%

“…This is important because an instruction may take only 1-3 clock cycles when there is a cache hit, but tens or even hundreds of clock cycles when there is a cache miss. Static analysis is useful in examining the cache related properties of a program, e.g., to detect information leaks through timing side channels [7,16,30,53,62] or prove that a computation task always meets the deadline [18,20].…”

Section: Introductionmentioning

confidence: 99%

See 4 more Smart Citations

Abstract interpretation under speculative execution

Wang

2019

Proceedings of the 40th ACM SIGPLAN Conference on Programming Language Design and Implementation

Self Cite

View full text Add to dashboard Cite

Analyzing the behavior of a program running on a processor that supports speculative execution is crucial for applications such as execution time estimation and side channel detection. Unfortunately, existing static analysis techniques based on abstract interpretation do not model speculative execution since they focus on functional properties of a program while speculative execution does not change the functionality. To fill the gap, we propose a method to make abstract interpretation sound under speculative execution. There are two contributions. First, we introduce the notion of virtual control flow to augment instructions that may be speculatively executed and thus affect subsequent instructions. Second, to make the analysis efficient, we propose optimizations to handle merges and loops and to safely bound the speculative execution depth. We have implemented and evaluated the proposed method in a static cache analysis for execution time estimation and side channel detection. Our experiments show that the new method, while guaranteed to be sound under speculative execution, outperforms state-of-the-art abstract interpretation techniques that may be unsound.CCS Concepts • Software and its engineering → Formal software verification; Compilers; • Security and privacy → Cryptanalysis and other attacks. SpeculativeAbstract Interpretation Architectural Parameters (cache config., speculation depth) Control Flow Analysis

show abstract

Section: Methodsmentioning

confidence: 99%

Section: Side Channel Detectionmentioning

confidence: 99%

“…We first compare our method with the state-of-the-art, nonspeculative method [62]. The results are shown in Table 5.…”

Section: Effectiveness: Execution Time Estimationmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

Abstract interpretation under speculative execution

Wang

2019

Proceedings of the 40th ACM SIGPLAN Conference on Programming Language Design and Implementation

Self Cite

View full text Add to dashboard Cite

show abstract

Triggerflow: Regression Testing by Advanced Execution Path Inspection

Gridin

García

Tuveri

et al. 2019

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Quantitative Mitigation of Timing Side Channels

Tizpaz-Niari

Černý

Trivedi

2019

Computer Aided Verification

View full text Add to dashboard Cite

Timing side channels pose a significant threat to the security and privacy of software applications. We propose an approach for mitigating this problem by decreasing the strength of the side channels as measured by entropy-based objectives, such as min-guess entropy. Our goal is to minimize the information leaks while guaranteeing a user-specified maximal acceptable performance overhead. We dub the decision version of this problem Shannon mitigation, and consider two variants, deterministic and stochastic. First, we show that the deterministic variant is NP-hard. However, we give a polynomial algorithm that finds an optimal solution from a restricted set. Second, for the stochastic variant, we develop an approach that uses optimization techniques specific to the entropy-based objective used. For instance, for min-guess entropy, we used mixed integer-linear programming. We apply the algorithm to a threat model where the attacker gets to make functional observations, that is, where she observes the running time of the program for the same secret value combined with different public input values. Existing mitigation approaches do not give confidentiality or performance guarantees for this threat model. We evaluate our tool Schmit on a number of micro-benchmarks and real-world applications with different entropybased objectives. In contrast to the existing mitigation approaches, we show that in the functional-observation threat model, Schmit is scalable and able to maximize confidentiality under the performance overhead bound.

show abstract

Eliminating timing side-channel leaks using program repair

Cited by 84 publications

References 80 publications

Abstract interpretation under speculative execution

Abstract interpretation under speculative execution

Triggerflow: Regression Testing by Advanced Execution Path Inspection

Quantitative Mitigation of Timing Side Channels

Contact Info

Product

Resources

About