Binsec/rel: Efficient relational symbolic execution for constant-time at binary-level
The constant-time programming discipline (CT) is an efficient countermeasure against timing
side-channel attacks, requiring the control flow and the memory accesses to be independent …
side-channel attacks, requiring the control flow and the memory accesses to be independent …
Microwalk: A framework for finding side channels in binaries
Microarchitectural side channels expose unprotected software to information leakage
attacks where a software adversary is able to track runtime behavior of a benign process …
attacks where a software adversary is able to track runtime behavior of a benign process …
{DATA}–differential address trace analysis: Finding address-based {Side-Channels} in binaries
S Weiser, A Zankl, R Spreitzer, K Miller… - 27th USENIX Security …, 2018 - usenix.org
Cryptographic implementations are a valuable target for address-based side-channel
attacks and should, thus, be protected against them. Countermeasures, however, are often …
attacks and should, thus, be protected against them. Countermeasures, however, are often …
SpecuSym: Speculative symbolic execution for cache timing leak detection
CPU cache is a limited but crucial storage component in modern processors, whereas the
cache timing side-channel may inadvertently leak information through the physically …
cache timing side-channel may inadvertently leak information through the physically …
[PDF][PDF] “These results must be false”: A usability evaluation of constant-time analysis tools
Cryptography secures our online interactions, transactions, and trust. To achieve this goal,
not only do the cryptographic primitives and protocols need to be secure in theory, they also …
not only do the cryptographic primitives and protocols need to be secure in theory, they also …
{CacheQL}: Quantifying and Localizing Cache {Side-Channel} Vulnerabilities in Production Software
Cache side-channel attacks extract secrets by examining how victim software accesses
cache. To date, practical attacks on crypto systems and media libraries are demonstrated …
cache. To date, practical attacks on crypto systems and media libraries are demonstrated …
BINSEC/REL: symbolic binary analyzer for security with applications to constant-time and secret-erasure
This article tackles the problem of designing efficient binary-level verification for a subset of
information flow properties encompassing constant-time and secret-erasure. These …
information flow properties encompassing constant-time and secret-erasure. These …
Abacus: Precise side-channel analysis
Side-channel attacks allow adversaries to infer sensitive information from non-functional
characteristics. Prior side-channel detection work is able to identify numerous potential …
characteristics. Prior side-channel detection work is able to identify numerous potential …
Cache refinement type for side-channel detection of cryptographic software
Cache side-channel attacks exhibit severe threats to software security and privacy,
especially for cryptosystems. In this paper, we propose CaType, a novel refinement type …
especially for cryptosystems. In this paper, we propose CaType, a novel refinement type …
On the pitfalls and vulnerabilities of schedule randomization against schedule-based attacks
Schedule randomization is one of the recently introduced security defenses against
schedule-based attacks, ie, attacks whose success depends on a particular ordering …
schedule-based attacks, ie, attacks whose success depends on a particular ordering …