IMDEA Software

November 28, 2024

LmSpec and LmTest: Tools to Safeguard Cryptographic Libraries from Microarchitectural Leaks

IMDEA Software researchers Gilles Barthe, Marco Guarnieri and David Mateos Romero received a distinguished paper award at the ACM Conference on Computer and Communications Security (CCS) for their paper “Testing side-channel security of cryptographic implementations against future microarchitectures”, co-authored with Marcel Böhme (MPI-SP), Sunjay Cauligi (MPI-SP), Chitchanok Chuengsatiansup (University of Melbourne), Daniel Genkin (Georgia Tech), Peter Schwabe (MPI-SP), David Wu (University of Adelaide) and Yuval Yarom (Ruhr University Bochum).

Summary of the paper

As reducing the size of transistors becomes increasingly challenging due to physical limits, chip vendors are looking into microarchitectural optimizations as an alternative way to further speed up computations. These optimizations, however, often introduce security vulnerabilities that attackers can exploit to compromise cryptographic libraries, as repeatedly shown by recent microarchitectural attacks.

To help chip vendors explore the impact of microarchitectural optimizations on cryptographic implementations, the paper develops (i) an expressive domain-specific language, called LmSpec, that allows vendors to specify the leakage model for the given optimization and (ii) a testing framework, called LmTest, to automatically detect leaks under the specified leakage model within the given implementation.

Using this framework, the authors conducted an empirical study of 18 proposed microarchitectural optimizations on 25 implementations of eight cryptographic primitives in five popular libraries. This analysis found that every implementation would contain secret-dependent leaks, sometimes sufficient to recover a victim’s secret key, if these optimizations were realized. Ironically, some leaks are possible only because of coding idioms used to prevent leaks under the standard constant-time model.
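The testing idea described above can be illustrated with a small relational test: the same code is run twice with identical public inputs and different secrets, and the observation traces produced under a chosen leakage model are compared. This is an added example, not code from the paper, LmSpec or LmTest; the "zero-operand skip" model is a constructed illustration of an operand-dependent optimization, not one of the paper's 18 optimizations, and the tiny instrumented machine is an assumption of the example.

```python
from typing import Callable, List, Tuple

Observation = Tuple
LeakageModel = Callable[[str, int, int], Observation]

MASK64 = (1 << 64) - 1


def ct_model(op: str, x: int, y: int) -> Observation:
    """Standard constant-time model: arithmetic leaks only the opcode executed."""
    return (op,)


def zero_skip_model(op: str, x: int, y: int) -> Observation:
    """Hypothetical model (constructed for illustration): an optimization that
    shortcuts AND/MUL when an operand is zero makes 'operand was zero' observable."""
    if op in ("and", "mul"):
        return (op, x == 0 or y == 0)
    return (op,)


class Machine:
    """Executes 64-bit arithmetic and records one observation per operation."""

    def __init__(self, model: LeakageModel):
        self.model = model
        self.trace: List[Observation] = []

    def _op(self, name: str, x: int, y: int, result: int) -> int:
        self.trace.append(self.model(name, x, y))
        return result & MASK64

    def and_(self, x: int, y: int) -> int: return self._op("and", x, y, x & y)
    def or_(self, x: int, y: int) -> int: return self._op("or", x, y, x | y)
    def xor(self, x: int, y: int) -> int: return self._op("xor", x, y, x ^ y)
    def neg(self, x: int) -> int: return self._op("neg", x, 0, -x)


def ct_select(m: Machine, bit: int, a: int, b: int) -> int:
    """Classic branchless select idiom: returns a if bit == 1 else b."""
    mask = m.neg(bit)                      # 0 -> 0, 1 -> 0xFFFF...FFFF
    return m.or_(m.and_(mask, a), m.and_(m.xor(mask, MASK64), b))


def leaks(model: LeakageModel, secret0: int, secret1: int, public: Tuple[int, int]) -> bool:
    """Relational test: same public input, two secret bits; differing traces = leak."""
    traces = []
    for s in (secret0, secret1):
        m = Machine(model)
        ct_select(m, s, *public)
        traces.append(m.trace)
    return traces[0] != traces[1]
```

Under `ct_model` the masking idiom produces identical traces for both secrets, while under `zero_skip_model` the all-zero mask the idiom relies on becomes visible, which is the kind of idiom-induced leak the paper reports.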

About CCS

The ACM Conference on Computer and Communications Security (CCS) is the flagship annual conference of the Special Interest Group on Security, Audit and Control (SIGSAC) of the Association for Computing Machinery (ACM). The conference brings together information security researchers, practitioners, developers, and users from all over the world to explore cutting-edge ideas and results.