折叠数据结构以减少时序侧信道泄漏

2022 20th ACM-IEEE International Conference on Formal Methods and Models for System Design (MEMOCODE) Pub Date : 2022-10-13 DOI:10.1109/MEMOCODE57689.2022.9954595

Eric Rothstein Morris, Jun Sun, Sudipta Chattopadhyay

{"title":"折叠数据结构以减少时序侧信道泄漏","authors":"Eric Rothstein Morris, Jun Sun, Sudipta Chattopadhyay","doi":"10.1109/MEMOCODE57689.2022.9954595","DOIUrl":null,"url":null,"abstract":"Timing channels in a program allow attackers to infer secret information being processed. To avoid introducing timing channels, programmers should follow Constant-Time Programming (CTP) guidelines or rely on repair tools that prevent leakage of information via timing channels. Existing repair tools prevent this leakage when programs have branches or loops whose behaviour depends on secrets; however, these repair tools do not efficiently prevent the leakage that occurs if the program accesses a data structure using secret indices. In this work, we present ORIGAMI, a set of repair rules to enforce constant read/write operations on fixed-size, multidimensional data structures so that accessing them via secret indices does not leak information. We implement ORIGAMI as a series of LLVM optimisation passes and evaluate ORIGAMI with programs from Tomcrypt and GDK libraries. Evaluation with the repaired programs using an accurate simulator (GEM5) confirms that our approach indeed repairs the timing channels in practice.","PeriodicalId":157326,"journal":{"name":"2022 20th ACM-IEEE International Conference on Formal Methods and Models for System Design (MEMOCODE)","volume":"50 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-10-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"ORIGAMI: Folding Data Structures to Reduce Timing Side-Channel Leakage\",\"authors\":\"Eric Rothstein Morris, Jun Sun, Sudipta Chattopadhyay\",\"doi\":\"10.1109/MEMOCODE57689.2022.9954595\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Timing channels in a program allow attackers to infer secret information being processed. To avoid introducing timing channels, programmers should follow Constant-Time Programming (CTP) guidelines or rely on repair tools that prevent leakage of information via timing channels. Existing repair tools prevent this leakage when programs have branches or loops whose behaviour depends on secrets; however, these repair tools do not efficiently prevent the leakage that occurs if the program accesses a data structure using secret indices. In this work, we present ORIGAMI, a set of repair rules to enforce constant read/write operations on fixed-size, multidimensional data structures so that accessing them via secret indices does not leak information. We implement ORIGAMI as a series of LLVM optimisation passes and evaluate ORIGAMI with programs from Tomcrypt and GDK libraries. Evaluation with the repaired programs using an accurate simulator (GEM5) confirms that our approach indeed repairs the timing channels in practice.\",\"PeriodicalId\":157326,\"journal\":{\"name\":\"2022 20th ACM-IEEE International Conference on Formal Methods and Models for System Design (MEMOCODE)\",\"volume\":\"50 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-10-13\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2022 20th ACM-IEEE International Conference on Formal Methods and Models for System Design (MEMOCODE)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/MEMOCODE57689.2022.9954595\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 20th ACM-IEEE International Conference on Formal Methods and Models for System Design (MEMOCODE)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/MEMOCODE57689.2022.9954595","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

摘要

程序中的定时通道允许攻击者推断正在处理的秘密信息。为了避免引入时序通道，程序员应该遵循恒定时间编程(CTP)指导方针，或者依赖于防止通过时序通道泄露信息的修复工具。当程序有分支或循环，其行为依赖于秘密时，现有的修复工具可以防止这种泄漏;但是，这些修复工具不能有效地防止程序使用秘密索引访问数据结构时发生的泄漏。在这项工作中，我们提出了ORIGAMI，这是一组修复规则，用于在固定大小的多维数据结构上执行恒定的读/写操作，以便通过秘密索引访问它们不会泄露信息。我们将ORIGAMI实现为一系列LLVM优化通过，并使用Tomcrypt和GDK库中的程序评估ORIGAMI。使用精确模拟器(GEM5)对修复程序进行评估，证实我们的方法确实在实践中修复了时序通道。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

ORIGAMI: Folding Data Structures to Reduce Timing Side-Channel Leakage

Timing channels in a program allow attackers to infer secret information being processed. To avoid introducing timing channels, programmers should follow Constant-Time Programming (CTP) guidelines or rely on repair tools that prevent leakage of information via timing channels. Existing repair tools prevent this leakage when programs have branches or loops whose behaviour depends on secrets; however, these repair tools do not efficiently prevent the leakage that occurs if the program accesses a data structure using secret indices. In this work, we present ORIGAMI, a set of repair rules to enforce constant read/write operations on fixed-size, multidimensional data structures so that accessing them via secret indices does not leak information. We implement ORIGAMI as a series of LLVM optimisation passes and evaluate ORIGAMI with programs from Tomcrypt and GDK libraries. Evaluation with the repaired programs using an accurate simulator (GEM5) confirms that our approach indeed repairs the timing channels in practice.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2022 20th ACM-IEEE International Conference on Formal Methods and Models for System Design (MEMOCODE)

自引率

0.00%

发文量