Abstract
Timing side-channel attacks are an important issue for cryptographic algorithms. If the execution time of an implementation depends on secret information, an adversary may recover the latter by measuring the former. Different approaches have emerged to exploit information leakage in cryptographic implementations and to protect them against these attacks, and recent works extend these concerns to dynamic execution systems [3, 15, 24]. However, little has been said about cross-ISA emulation and its impact on timing leakages. In this paper, we investigate the impact of dynamic binary translators on the constant-time property of known cryptographic implementations, using different Region Formation Techniques (RFTs). We show that emulation may have a significant impact by inserting non-constant-time constructions during translation, leading to significant timing leakages in the QEMU and HQEMU emulators. These leakages are then verified using a statistical approach. In order to guarantee the constant-time property, we have implemented a solution in the QEMU dynamic binary translator that mitigates the inserted timing side-channels.
Notes
1. Read timestamp counter (rdtsc).
2. In fact, one of the usual phases of vectorization is the if-conversion pass: the process of converting control-flow dependencies (a conditional branch) into data-flow dependencies (a select).
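The if-conversion described in note 2 is also the difference the abstract is concerned with: a secret-dependent conditional branch (control flow, whose timing depends on which path runs) versus a mask-based select (data flow, where the same instructions execute for either value of the secret). The following C code is an added illustration written for this page; it is not the paper's code and is not taken from any of the implementations the paper evaluates. All function names are my own, and the tag and limb values in `self_check` are constructed inputs.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Control-flow form: which path runs (and how long it takes) depends on
 * `secret_bit`. This is the construction that leaks timing if a compiler
 * or binary translator emits it for a secret-dependent condition. */
uint32_t branch_select(uint32_t secret_bit, uint32_t a, uint32_t b)
{
    if (secret_bit & 1u)
        return a;
    return b;
}

/* Data-flow (if-converted) form of the same function: `mask` is all ones
 * when secret_bit == 1 and all zeros otherwise, so exactly the same
 * instructions execute for either value of the secret. */
uint32_t ct_select(uint32_t secret_bit, uint32_t a, uint32_t b)
{
    uint32_t mask = (uint32_t)0 - (secret_bit & 1u);
    return (a & mask) | (b & ~mask);
}

/* Branch-free equality test: returns 1 if x == y, else 0. The OR-fold
 * pushes any set bit of x ^ y down into bit 0. */
uint32_t ct_eq(uint32_t x, uint32_t y)
{
    uint32_t d = x ^ y;
    d |= d >> 16;
    d |= d >> 8;
    d |= d >> 4;
    d |= d >> 2;
    d |= d >> 1;
    return (d & 1u) ^ 1u;
}

/* Buffer comparison that does not return at the first mismatch (the usual
 * memcmp early exit is itself a secret-dependent branch). Returns 1 if the
 * n bytes are equal, else 0. */
uint32_t ct_memeq(const uint8_t *x, const uint8_t *y, size_t n)
{
    uint8_t acc = 0;
    for (size_t i = 0; i < n; i++)
        acc |= (uint8_t)(x[i] ^ y[i]);
    return ct_eq(acc, 0u);
}

/* Conditional swap of two limb arrays driven by a mask, the idiom used in
 * Montgomery-ladder scalar multiplication: swaps iff swap_bit == 1. */
void ct_cswap(uint32_t swap_bit, uint32_t *x, uint32_t *y, size_t n)
{
    uint32_t mask = (uint32_t)0 - (swap_bit & 1u);
    for (size_t i = 0; i < n; i++) {
        uint32_t t = mask & (x[i] ^ y[i]);
        x[i] ^= t;
        y[i] ^= t;
    }
}

/* Exercises the helpers on constructed inputs; returns 1 if every check
 * agrees with the plain branching reference, else 0. */
int self_check(void)
{
    const uint8_t tag_a[4] = { 0xde, 0xad, 0xbe, 0xef };  /* constructed */
    const uint8_t tag_b[4] = { 0xde, 0xad, 0xbe, 0xee };  /* constructed */
    uint32_t x[2] = { 1u, 2u }, y[2] = { 3u, 4u };        /* constructed */
    int ok = 1;

    ok &= ct_select(1u, 7u, 9u) == branch_select(1u, 7u, 9u);
    ok &= ct_select(0u, 7u, 9u) == branch_select(0u, 7u, 9u);
    ok &= ct_memeq(tag_a, tag_a, 4) == 1u;
    ok &= ct_memeq(tag_a, tag_b, 4) == 0u;

    ct_cswap(0u, x, y, 2);                /* no swap */
    ok &= (x[0] == 1u && y[0] == 3u);
    ct_cswap(1u, x, y, 2);                /* swap */
    ok &= (x[0] == 3u && x[1] == 4u && y[0] == 1u && y[1] == 2u);
    return ok;
}

int main(void)
{
    printf("constant-time helpers %s\n",
           self_check() ? "agree with the branching reference" : "FAILED");
    return self_check() ? 0 : 1;
}
```

The select form is only constant-time if it survives every lowering step: C gives no guarantee that `ct_select` or `ct_eq` is not turned back into a branch by the compiler, and, as the abstract states, a dynamic binary translator may insert non-constant-time constructions of its own when it translates the binary. The property therefore has to be checked on the code that actually executes on the target, which is what the paper's statistical verification does.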
References
Becker, G., Cooper, J., DeMulder, E., Goodwill, G., et al.: Test vector leakage assessment (TVLA) methodology in practice. In: International Cryptographic Module Conference, p. 13 (2013)
Bellard, F.: QEMU, a fast and portable dynamic translator. In: USENIX Annual Technical Conference, FREENIX Track, p. 46 (2005)
Brennan, T., Rosner, N., Bultan, T.: JIT Leaks: inducing timing side channels through just-in-time compilation. Technical report, UC Santa Barbara, Computer Science (2018)
Cauligi, S., et al.: FaCT: a flexible, constant-time programming language. In: 2017 SecDev, pp. 69–76. IEEE (2017)
Chen, J., Venkataramani, G.: An algorithm for detecting contention-based covert timing channels on shared hardware. In: HASP, p. 1. ACM (2014)
Cleemput, J.V., Coppens, B., De Sutter, B.: Compiler mitigations for time attacks on modern x86 processors. TACO 8(4) (2012). Article no: 23
Coppens, B., Verbauwhede, I., De Bosschere, K., De Sutter, B.: Practical mitigations for timing-based side-channel attacks on modern x86 processors. In: 2009 30th IEEE Symposium on Security and Privacy, pp. 45–60. IEEE (2009)
Davis, D., Hazelwood, K.: Improving region selection through loop completion. In: ASPLOS, vol. 4, p. 7-3 (2011)
Duesterwald, E., Bala, V.: Software profiling for hot path prediction: less is more. ACM SIGOPS 34(5), 202–211 (2000)
Gianvecchio, S., Wang, H.: An entropy-based approach to detecting covert timing channels. TDSC 8(6), 785–797 (2011)
Goodwill, G., Jun, B., Jaffe, J., Rohatgi, P., et al.: A testing methodology for side-channel resistance validation. In: NIST Non-Invasive Attack Testing Workshop, vol. 7, pp. 115–136 (2011)
ARM Holdings: ARM mbedTLS
Hong, D.Y., et al.: HQEMU: a multi-threaded and retargetable dynamic binary translator on multicores. In: CGO, pp. 104–113. ACM (2012)
Ireland, D.: BigDigits multiple-precision arithmetic source code (2016)
Renner, J., Cauligi, S., Stefan, D.: Constant-time webassembly (2018)
Käsper, E., Schwabe, P.: Faster and timing-attack resistant AES-GCM. In: Clavier, C., Gaj, K. (eds.) CHES 2009. LNCS, vol. 5747, pp. 1–17. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-04138-9_1
Kaufmann, T., Pelletier, H., Vaudenay, S., Villegas, K.: When constant-time source yields variable-time binary: exploiting curve25519-donna built with MSVC 2015. In: Foresti, S., Persiano, G. (eds.) CANS 2016. LNCS, vol. 10052, pp. 573–582. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-48965-0_36
Napoli, O.O., do Rosario, V.M., Aranha, D.F., Borin, E.: Evaluation of timing side-channel leakage on a multiple-target dynamic binary translator (2018)
Payer, M., Gross, T.R.: Generating low-overhead dynamic binary translators. In: Proceedings of the 3rd Annual Haifa Experimental Systems Conference, p. 22. ACM (2010)
Reparaz, O., Balasch, J., Verbauwhede, I.: Dude, is my code constant time? In: DATE, pp. 1697–1702. IEEE (2017)
Rijmen, V., Bosselaers, A., Barreto, P.: Optimised ANSI C code for the Rijndael cipher (now AES). Public domain software (2000)
Smith, J.E., Nair, R.: Virtual Machines: Versatile Platforms for Systems and Processes. The Morgan Kaufmann Series. Morgan Kaufmann Publishers Inc., San Francisco (2005)
Standaert, F.X.: How (not) to use Welch’s T-test in side-channel security evaluations. In: IACR, vol. 2017, p. 138 (2017)
Van Cleemput, J., De Sutter, B., De Bosschere, K.: Adaptive compiler strategies for mitigating timing side channel attacks. TDSC 17(1), 35–49 (2017)
Wu, M., Guo, S., Schaumont, P., Wang, C.: Eliminating timing side-channel leaks using program repair. In: Proceedings of the 27th ACM SIGSOFT International Symposium on Software Testing and Analysis, pp. 15–26. ACM (2018)
Acknowledgments
We would like to thank CNPq (Grant #: 313012/2017-2), Intel Corporation, and the Sao Paulo Research Foundation, FAPESP (Grants #:2014/50704-7 and 2013/08293-7), for supporting this research.
© 2020 Springer Nature Switzerland AG
Cite this paper
Napoli, O.O., do Rosario, V.M., Aranha, D.F., Borin, E. (2020). Evaluation and Mitigation of Timing Side-Channel Leakages on Multiple-Target Dynamic Binary Translators. In: Bianchini, C., Osthoff, C., Souza, P., Ferreira, R. (eds) High Performance Computing Systems. WSCAD 2018. Communications in Computer and Information Science, vol 1171. Springer, Cham. https://doi.org/10.1007/978-3-030-41050-6_10
DOI: https://doi.org/10.1007/978-3-030-41050-6_10
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-41049-0
Online ISBN: 978-3-030-41050-6
eBook Packages: Computer Science; Computer Science (R0)