Structured Leakage and Applications to Cryptographic Constant-Time and Cost

G. Barthe, B. Grégoire, Vincent Laporte, Swarn Priya
Published in: Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security, 2021-11-12
DOI: 10.1145/3460120.3484761 (https://doi.org/10.1145/3460120.3484761)
Citations: 6

Abstract

Many security properties of interest are captured by instrumented semantics that model the functional behavior and the leakage of programs. For several important properties, including cryptographic constant-time (CCT), leakage models are sufficiently abstract that one can define instrumented semantics for high-level and low-level programs. One important goal is then to relate leakage of source programs and leakage of their compilation; this can be used, e.g., to prove preservation of CCT. To simplify this task, we put forward the idea of structured leakage. In contrast to the usual modeling of leakage as a sequence of observations, structured leakage is tightly coupled with the operational semantics of programs. This coupling greatly simplifies the definition of leakage transformers that map the leakage of source programs to leakage of their compilation and yields more precise statements about the preservation of security properties. We illustrate our methods on the Jasmin compiler and prove preservation results for two policies of interest: CCT and cost.