CacheAudit
Overview
CacheAudit is a versatile framework for the automatic, static analysis
of cache side channels. CacheAudit takes as input a program binary and
a cache configuration, and it derives formal, quantitative security
guarantees for a comprehensive set of side-channel adversaries, namely
those based on observing cache states, traces of hits and misses, and
execution times.
Downloads
See the README for information about
installing and using CacheAudit.
Core Team
External Contributors
Publications
Journals
Conferences
-
Rigorous Analysis of Software Countermeasures against Cache Attacks
Goran Doychev and Boris Köpf
38th ACM Conference on Programming Language Design and Implementation (PLDI), 2017.
-
Security Analysis of Cache Replacement Policies
Pablo Cañones, Boris Köpf, and Jan Reineke
6th Conference on Principles of Security and Trust (POST), 2017.
-
Bounding the
cache-side-channel leakage of lattice-based signature schemes
using program semantics
Nina Bindel, Johannes Buchmann, Juliane Krämer, Heiko Mantel,
Johannes Schickel and Alexandra Weber.
10th International
Symposium on Foundations and Practice of Security (FPS), 2017.
-
A Systematic Study of Cache Side Channels
across AES Implementations
Heiko Mantel, Alexandra Weber, and Boris Köpf
9th International Symposium on Engineering Secure Software and Systems (ESSoS), 2017
- Leakage Resilience against Concurrent Cache Attacks
Gilles Barthe, Boris Köpf, Laurent Mauborgne, and Martín Ochoa
3rd Conference on Principles of Security and Trust (POST), 2014.
-
CacheAudit:
A Tool for the Static Analysis of Cache Side Channels
Goran Doychev, Dominik Feld, Boris Köpf, Laurent Mauborgne, and Jan Reineke
22nd USENIX Security Symposium,
2013.
Extended version available at IACR ePrint 2013/253
- Automatic Quantification of Cache Side-Channels
Boris Köpf, Laurent Mauborgne, and Martín Ochoa
24th International Conference on Computer Aided Verification (CAV), 2012.
Extended version available at IACR ePrint 2012/034
Theses