ct-fuzz: Fuzzing for Timing Leaks

Shaobo He, M. Emmi, Gabriela F. Cretu-Ciocarlie
Published in: 2020 IEEE 13th International Conference on Software Testing, Validation and Verification (ICST)
DOI: https://doi.org/10.1109/icst46399.2020.00063
Publication date: 2019-04-15
Citations: 23

Abstract

Testing-based methodologies like fuzzing are able to analyze complex software which is not amenable to traditional formal approaches like verification, model checking, and abstract interpretation. Despite enormous success at exposing countless security vulnerabilities in many popular software projects, applications of testing-based approaches mainly targeted checking traditional safety properties like memory safety. While unquestionably important, this class of properties does not precisely characterize other important security aspects such as information leakage, e.g., through side channels. In this work we extend testing-based software analysis methodologies to two-safety properties, which enables the precise discovery of information leaks in complex software. In particular, we present the ct-fuzz tool, which lends coverage-guided grey box fuzzers the ability to detect two-safety property violations. Our approach is capable of exposing violations to any two-safety property expressed as equality between two program traces. Empirically, we demonstrate that ct-fuzz swiftly reveals timing leaks in popular cryptographic implementations.