Side-channel Elimination via Partial Control-flow Linearization

IF 1.5 2区计算机科学 Q3 COMPUTER SCIENCE, SOFTWARE ENGINEERING

ACM Transactions on Programming Languages and Systems Pub Date : 2023-06-26 DOI:https://dl.acm.org/doi/10.1145/3594736

Luigi Soares, Michael Canesche, Fernando Magno Quintão Pereira

{"title":"Side-channel Elimination via Partial Control-flow Linearization","authors":"Luigi Soares, Michael Canesche, Fernando Magno Quintão Pereira","doi":"https://dl.acm.org/doi/10.1145/3594736","DOIUrl":null,"url":null,"abstract":"<p>Partial control-flow linearization is a code transformation conceived to maximize work performed in vectorized programs. In this article, we find a new service for it. We show that partial control-flow linearization protects programs against timing attacks. This transformation is sound: Given an instance of its public inputs, the partially linearized program always runs the same sequence of instructions, regardless of secret inputs. Incidentally, if the original program is publicly safe, then accesses to the data cache will be data oblivious in the transformed code. The transformation is optimal: Every branch that depends on some secret data is linearized; no branch that depends on only public data is linearized. Therefore, the transformation preserves loops that depend exclusively on public information. If every branch that leaves a loop depends on secret data, then the transformed program will not terminate. Our transformation extends previous work in non-trivial ways. It handles C constructs such as “goto,” “break,” “switch,” and “continue,” which are absent in the FaCT domain-specific language (2018). Like Constantine (2021), our transformation ensures operation invariance but without requiring profiling information. Additionally, in contrast to SC-Eliminator (2018) and Lif (2021), it handles programs containing loops whose trip count is not known at compilation time.</p>","PeriodicalId":50939,"journal":{"name":"ACM Transactions on Programming Languages and Systems","volume":"258 8","pages":""},"PeriodicalIF":1.5000,"publicationDate":"2023-06-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"ACM Transactions on Programming Languages and Systems","FirstCategoryId":"94","ListUrlMain":"https://doi.org/https://dl.acm.org/doi/10.1145/3594736","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, SOFTWARE ENGINEERING","Score":null,"Total":0}

引用次数: 0

Abstract

Partial control-flow linearization is a code transformation conceived to maximize work performed in vectorized programs. In this article, we find a new service for it. We show that partial control-flow linearization protects programs against timing attacks. This transformation is sound: Given an instance of its public inputs, the partially linearized program always runs the same sequence of instructions, regardless of secret inputs. Incidentally, if the original program is publicly safe, then accesses to the data cache will be data oblivious in the transformed code. The transformation is optimal: Every branch that depends on some secret data is linearized; no branch that depends on only public data is linearized. Therefore, the transformation preserves loops that depend exclusively on public information. If every branch that leaves a loop depends on secret data, then the transformed program will not terminate. Our transformation extends previous work in non-trivial ways. It handles C constructs such as “goto,” “break,” “switch,” and “continue,” which are absent in the FaCT domain-specific language (2018). Like Constantine (2021), our transformation ensures operation invariance but without requiring profiling information. Additionally, in contrast to SC-Eliminator (2018) and Lif (2021), it handles programs containing loops whose trip count is not known at compilation time.

查看原文本刊更多论文

通过部分控制流线性化消除侧通道

部分控制流线性化是一种代码转换，旨在使矢量化程序中执行的工作最大化。在本文中，我们将为它找到一个新的服务。我们展示了部分控制流线性化保护程序免受定时攻击。这种转换是合理的:给定其公共输入的一个实例，部分线性化的程序总是运行相同的指令序列，而不管秘密输入是什么。顺便提一下，如果原始程序是公共安全的，那么对数据缓存的访问在转换后的代码中将是数据无关的。这种转换是最优的:每个依赖于某些秘密数据的分支都是线性化的;没有只依赖于公共数据的分支是线性化的。因此，转换保留了完全依赖于公共信息的循环。如果每个离开循环的分支都依赖于秘密数据，那么转换后的程序将不会终止。我们的转换以不同寻常的方式扩展了之前的工作。它处理诸如“goto”、“break”、“switch”和“continue”等C结构，这些结构在FaCT领域特定语言(2018)中是不存在的。与Constantine(2021)一样，我们的转换确保了操作的不变性，但不需要分析信息。此外，与SC-Eliminator(2018)和liff(2021)相比，它处理包含在编译时不知道循环次数的程序。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

ACM Transactions on Programming Languages and Systems 工程技术-计算机：软件工程

CiteScore

3.10

自引率

7.70%

发文量

审稿时长

>12 weeks

期刊介绍： ACM Transactions on Programming Languages and Systems (TOPLAS) is the premier journal for reporting recent research advances in the areas of programming languages, and systems to assist the task of programming. Papers can be either theoretical or experimental in style, but in either case, they must contain innovative and novel content that advances the state of the art of programming languages and systems. We also invite strictly experimental papers that compare existing approaches, as well as tutorial and survey papers. The scope of TOPLAS includes, but is not limited to, the following subjects: language design for sequential and parallel programming programming language implementation programming language semantics compilers and interpreters runtime systems for program execution storage allocation and garbage collection languages and methods for writing program specifications languages and methods for secure and reliable programs testing and verification of programs