Testing side-channel security of cryptographic implementations against future microarchitectures
CoRR (2024)
Abstract
How will future microarchitectures impact the security of existing
cryptographic implementations? As we cannot keep reducing the size of
transistors, chip vendors have started developing new microarchitectural
optimizations to speed up computation. A recent study (Sanchez Vicarte et al.,
ISCA 2021) suggests that these optimizations might open the Pandora's box of
microarchitectural attacks. However, there is little guidance on how to
evaluate the security impact of future optimization proposals.
To help chip vendors explore the impact of microarchitectural optimizations
on cryptographic implementations, we develop (i) an expressive domain-specific
language, called LmSpec, that allows them to specify the leakage model for the
given optimization and (ii) a testing framework, called LmTest, to
automatically detect leaks under the specified leakage model within the given
implementation. Using this framework, we conduct an empirical study of 18
proposed microarchitectural optimizations on 25 implementations of eight
cryptographic primitives in five popular libraries. We find that every
implementation would contain secret-dependent leaks, sometimes sufficient to
recover a victim's secret key, if these optimizations were realized.
Ironically, some leaks are possible only because of coding idioms used to
prevent leaks under the standard constant-time model.
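The following is an added illustration of the testing idea described above; it is not the paper's LmSpec or LmTest code. It assumes a hypothetical leakage model in which a store whose value already sits in memory is suppressed observably, and shows that a branch-free conditional swap (an idiom that is leak-free under the standard constant-time model, where only addresses are visible) leaks its secret bit under that model.

```python
import random

# Constructed illustration (not LmSpec/LmTest): a leakage model maps each executed
# store (address, value already in memory, value being written) to what an attacker
# observes under that model. The tester is parametric in the model.

def ct_model(addr, old, new):
    """Standard constant-time model: only the address touched is observable."""
    return ("store", addr)

def silent_store_model(addr, old, new):
    """Hypothetical optimization that drops a store whose value is already in
    memory; whether the store was dropped becomes observable."""
    return ("store", addr, old == new)

class Memory:
    """Flat memory whose stores are recorded through a leakage model."""
    def __init__(self, model, cells):
        self.model, self.cells, self.trace = model, dict(cells), []
    def load(self, addr):
        return self.cells[addr]
    def store(self, addr, value):
        self.trace.append(self.model(addr, self.cells[addr], value))
        self.cells[addr] = value

def ct_cswap(mem, bit, x_addr, y_addr):
    """Branch-free conditional swap idiom: always reads and writes both cells."""
    mask = -bit & 0xFFFFFFFF                    # all ones if bit == 1, else zero
    x, y = mem.load(x_addr), mem.load(y_addr)
    t = mask & (x ^ y)
    mem.store(x_addr, x ^ t)                    # when bit == 0 this rewrites x
    mem.store(y_addr, y ^ t)                    # when bit == 0 this rewrites y

def leakage_trace(model, bit, x, y):
    """Run the idiom on public inputs x, y with secret bit; return the observations."""
    mem = Memory(model, {0x10: x, 0x14: y})     # constructed addresses
    ct_cswap(mem, bit, 0x10, 0x14)
    return mem.trace

def find_leak(model, trials=32, seed=1):
    """Differential test: same public inputs, both values of the secret bit.
    Differing traces mean the secret influences what the model exposes."""
    rng = random.Random(seed)
    for _ in range(trials):
        x, y = rng.getrandbits(32), rng.getrandbits(32)
        t0, t1 = leakage_trace(model, 0, x, y), leakage_trace(model, 1, x, y)
        if t0 != t1:
            return {"x": x, "y": y, "secrets": (0, 1), "traces": (t0, t1)}
    return None                                  # no secret-dependent observation found
```

Under `ct_model` the two traces are identical for every input, while under `silent_store_model` the first trial already witnesses the leak: both stores are suppressed exactly when the secret bit is 0.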