DATA - Differential Address Trace Analysis: Finding Address-based Side-Channels in Binaries

Weiser, Samuel and Zankl, Andreas and Spreitzer, Raphael and Miller, Katja and Mangard, Stefan and Sigl, Georg

Benutzer: Gast

Sicherheit in der Informationstechnik (Prof. Sigl)

Zurück
Zurück zum Anfang der Trefferliste
Dauerhafter Link zum angezeigten Objekt

Titel:: DATA - Differential Address Trace Analysis: Finding Address-based Side-Channels in Binaries
Dokumenttyp:: Konferenzbeitrag
Autor(en):: Weiser, Samuel and Zankl, Andreas and Spreitzer, Raphael and Miller, Katja and Mangard, Stefan and Sigl, Georg
Abstract:: Cryptographic implementations are a valuable target for address-based side-channel attacks and should, thus, be protected against them. Countermeasures, however, are often incorrectly deployed or completely omitted in practice. Moreover, existing tools that identify information leaks in programs either suffer from imprecise abstraction or only cover a subset of possible leaks. We systematically address these limitations and propose a new methodology to test software for information leaks. In this work, we present DATA, a differential address trace analysis framework that detects address-based sidechannel leaks in program binaries. This accounts for attacks exploiting caches, DRAM, branch prediction, controlled channels, and likewise. DATA works in three phases. First, the program under test is executed to record several address traces. These traces are analyzed using a novel algorithm that dynamically re-aligns traces to increase detection accuracy. Second, a generic leakage test filters differences caused by statistically independent program behavior, e.g., randomization, and reveals true information leaks. The third phase classifies these leaks according to the information that can be obtained from them. This provides further insight to security analysts about the risk they pose in practice. We use DATA to analyze OpenSSL and PyCrypto in a fully automated way. Among several expected leaks in symmetric ciphers, DATA also reveals known and previously unknown leaks in asymmetric primitives (RSA, DSA, ECDSA), and DATA identifies erroneous bug fixes of supposedly fixed constant-time vulnerabilities. «
Cryptographic implementations are a valuable target for address-based side-channel attacks and should, thus, be protected against them. Countermeasures, however, are often incorrectly deployed or completely omitted in practice. Moreover, existing tools that identify information leaks in programs either suffer from imprecise abstraction or only cover a subset of possible leaks. We systematically address these limitations and propose a new methodology to test software for information leaks. I... »
Dewey-Dezimalklassifikation:: 620 Ingenieurwissenschaften
Kongress- / Buchtitel:: 27th USENIX Security Symposium (USENIX Security 18)
Kongress / Zusatzinformationen:: Baltimore, USA
Datum der Konferenz:: 15.08.-17.08.2018
Verlag / Institution:: USENIX Association
Verlagsort:: Baltimore, MD
Jahr:: 2018
Quartal:: 3. Quartal
Jahr / Monat:: 2018-08
Monat:: Aug
Seiten:: 603--620
Print-ISBN:: 978-1-931971-46-1
Reviewed:: ja
Sprache:: en
WWW:: https://www.usenix.org/conference/usenixsecurity18
BibTeX

Vorkommen:

mediaTUM Gesamtbestand Hochschulbibliographie 2018 Fakultäten Elektrotechnik und Informationstechnik Sicherheit in der Informationstechnik (Prof. Sigl)

mediaTUM Gesamtbestand Einrichtungen Schools TUM School of Computation, Information and Technology Departments Computer Engineering Sicherheit in der Informationstechnik (Prof. Sigl)2018