Cache refinement type for side-channel detection of cryptographic software

Cache side-channel attacks exhibit severe threats to software security and privacy, especially for cryptosystems. In this paper, we propose CaType, a novel refinement type-based tool for detecting cache side channels in crypto software. Compared to previous works, CaType provides the following advan...

Full description

Saved in:
Bibliographic Details
Main Authors: Jiang, Ke, Bao, Yuyan, Wang, Shuai, Liu, Zhibo, Zhang, Tianwei
Other Authors: School of Computer Science and Engineering
Format: Conference or Workshop Item
Language:English
Published: 2023
Subjects:
Online Access:https://hdl.handle.net/10356/165415
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Nanyang Technological University
Language: English
id sg-ntu-dr.10356-165415
record_format dspace
spelling sg-ntu-dr.10356-1654152023-03-31T15:49:53Z Cache refinement type for side-channel detection of cryptographic software Jiang, Ke Bao, Yuyan Wang, Shuai Liu, Zhibo Zhang, Tianwei School of Computer Science and Engineering 2022 ACM SIGSAC Conference on Computer and Communications Security (CCS 2022) Engineering::Computer science and engineering Cryptography Cache Side-Channel Static Analysis Refinement Type Inference Cache side-channel attacks exhibit severe threats to software security and privacy, especially for cryptosystems. In this paper, we propose CaType, a novel refinement type-based tool for detecting cache side channels in crypto software. Compared to previous works, CaType provides the following advantages: (1) For the first time CaType analyzes cache side channels using refinement type over x86 assembly code. It reveals several significant and effective enhancements with refined types, including bit-level granularity tracking, distinguishing different effects of variables, precise type inferences, and high scalability. (2) CaType is the first static analyzer for crypto libraries in consideration of blinding-based defenses. (3) From the perspective of implementation, CaType uses cache layouts of potential vulnerable control-flow branches rather than cache states to suppress false positives. We evaluate CaType in identifying side channel vulnerabilities in real-world crypto software, including RSA, ElGamal, and (EC)DSA from OpenSSL and Libgcrypt. CaType captures all known defects, detects previously-unknown vulnerabilities, and reveals several false positives of previous tools. In terms of performance, CaType is 16X faster than CacheD and 131X faster than CacheS when analyzing the same libraries. These evaluation results confirm the capability of CaType in identifying side channel defects with great precision, efficiency, and scalability. Ministry of Education (MOE) Nanyang Technological University National Research Foundation (NRF) Submitted/Accepted version This work has been supported in part by Singapore National Research Foundation under its National Cybersecurity R&D Programme (NCR Award NRF2018 NCR-NCR009-0001), Singapore Ministry of Education (MOE) AcRF Tier 1 RS02/19, NTU Start-up grant. 2023-03-28T05:37:15Z 2023-03-28T05:37:15Z 2022 Conference Paper Jiang, K., Bao, Y., Wang, S., Liu, Z. & Zhang, T. (2022). Cache refinement type for side-channel detection of cryptographic software. 2022 ACM SIGSAC Conference on Computer and Communications Security (CCS 2022), 1583-1597. https://dx.doi.org/10.1145/3548606.3560672 978-1-4503-9450-5 https://hdl.handle.net/10356/165415 10.1145/3548606.3560672 1583 1597 en NRF2018 NCR-NCR009-0001 RS02/19 NTU-SUG © 2022 Association for Computing Machinery. All rights reserved. This paper was published in Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security (CCS 2022) and is made available with permission of Association for Computing Machinery. application/pdf
institution Nanyang Technological University
building NTU Library
continent Asia
country Singapore
Singapore
content_provider NTU Library
collection DR-NTU
language English
topic Engineering::Computer science and engineering
Cryptography
Cache Side-Channel
Static Analysis
Refinement Type Inference
spellingShingle Engineering::Computer science and engineering
Cryptography
Cache Side-Channel
Static Analysis
Refinement Type Inference
Jiang, Ke
Bao, Yuyan
Wang, Shuai
Liu, Zhibo
Zhang, Tianwei
Cache refinement type for side-channel detection of cryptographic software
description Cache side-channel attacks exhibit severe threats to software security and privacy, especially for cryptosystems. In this paper, we propose CaType, a novel refinement type-based tool for detecting cache side channels in crypto software. Compared to previous works, CaType provides the following advantages: (1) For the first time CaType analyzes cache side channels using refinement type over x86 assembly code. It reveals several significant and effective enhancements with refined types, including bit-level granularity tracking, distinguishing different effects of variables, precise type inferences, and high scalability. (2) CaType is the first static analyzer for crypto libraries in consideration of blinding-based defenses. (3) From the perspective of implementation, CaType uses cache layouts of potential vulnerable control-flow branches rather than cache states to suppress false positives. We evaluate CaType in identifying side channel vulnerabilities in real-world crypto software, including RSA, ElGamal, and (EC)DSA from OpenSSL and Libgcrypt. CaType captures all known defects, detects previously-unknown vulnerabilities, and reveals several false positives of previous tools. In terms of performance, CaType is 16X faster than CacheD and 131X faster than CacheS when analyzing the same libraries. These evaluation results confirm the capability of CaType in identifying side channel defects with great precision, efficiency, and scalability.
author2 School of Computer Science and Engineering
author_facet School of Computer Science and Engineering
Jiang, Ke
Bao, Yuyan
Wang, Shuai
Liu, Zhibo
Zhang, Tianwei
format Conference or Workshop Item
author Jiang, Ke
Bao, Yuyan
Wang, Shuai
Liu, Zhibo
Zhang, Tianwei
author_sort Jiang, Ke
title Cache refinement type for side-channel detection of cryptographic software
title_short Cache refinement type for side-channel detection of cryptographic software
title_full Cache refinement type for side-channel detection of cryptographic software
title_fullStr Cache refinement type for side-channel detection of cryptographic software
title_full_unstemmed Cache refinement type for side-channel detection of cryptographic software
title_sort cache refinement type for side-channel detection of cryptographic software
publishDate 2023
url https://hdl.handle.net/10356/165415
_version_ 1762031110819151872