DOI: 10.1145/3460120.3484761 (ACM CCS conference proceedings, research article, Public Access)

Structured Leakage and Applications to Cryptographic Constant-Time and Cost

Published: 13 November 2021 Publication History

Abstract

Many security properties of interest are captured by instrumented semantics that model the functional behavior and the leakage of programs. For several important properties, including cryptographic constant-time (CCT), leakage models are sufficiently abstract that one can define instrumented semantics for high-level and low-level programs. One important goal is then to relate leakage of source programs and leakage of their compilation---this can be used, e.g., to prove preservation of CCT. To simplify this task, we put forward the idea of structured leakage. In contrast to the usual modeling of leakage as a sequence of observations, structured leakage is tightly coupled with the operational semantics of programs. This coupling greatly simplifies the definition of leakage transformers that map the leakage of source programs to leakage of their compilation and yields more precise statements about the preservation of security properties. We illustrate our methods on the Jasmin compiler and prove preservation results for two policies of interest: CCT and cost.
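As an added illustration (not code from the paper or from the Jasmin compiler), the following toy while-language makes the abstract's idea concrete: the instrumented semantics returns leakage as a tree that mirrors the program's syntax instead of a flat list of observations, so the leakage transformer for a loop-unrolling pass can be written by recursion on that tree, and CCT preservation becomes a check that target leakage equals the transformed source leakage. The language, its leakage constructors and the sample memory MEM are assumptions of this example.

```python
MEM = list(range(8))  # constructed sample memory (public contents, addresses are leaked)

def run(c, env):
    """Instrumented semantics: returns (final env, structured leakage tree)."""
    k = c[0]
    if k == "skip":
        return env, ("skip",)
    if k == "assign":                      # ("assign", x, f): arithmetic leaks nothing
        return {**env, c[1]: c[2](env)}, ("assign",)
    if k == "load":                        # ("load", x, addr_f): the address is leaked
        a = c[2](env)
        return {**env, c[1]: MEM[a]}, ("load", a)
    if k == "seq":                         # leakage of a sequence is a seq node
        env, l1 = run(c[1], env)
        env, l2 = run(c[2], env)
        return env, ("seq", l1, l2)
    ls = []                                # ("for", i, n, body): one subtree per iteration
    for v in range(c[2]):
        env, l = run(c[3], {**env, c[1]: v})
        ls.append(l)
    return env, ("for", tuple(ls))

def unroll(c):
    """Compilation pass: constant-bound for -> seq(seq(i := v, body), ...) ending in skip."""
    if c[0] == "seq":
        return ("seq", unroll(c[1]), unroll(c[2]))
    if c[0] == "for":
        acc = ("skip",)
        for v in reversed(range(c[2])):
            acc = ("seq", ("seq", ("assign", c[1], lambda e, v=v: v), unroll(c[3])), acc)
        return acc
    return c

def transform(l):
    """Leakage transformer for unroll: defined by recursion on the leakage tree."""
    if l[0] == "seq":
        return ("seq", transform(l[1]), transform(l[2]))
    if l[0] == "for":
        acc = ("skip",)
        for lb in reversed(l[1]):
            acc = ("seq", ("seq", ("assign",), transform(lb)), acc)
        return acc
    return l

def is_cct(prog, envs):
    """CCT: leakage is identical for all inputs that differ only in secret values."""
    return len({run(prog, e)[1] for e in envs}) == 1
```

Because every target leakage tree is obtained from its source tree by transform, a source program that is CCT (same leakage for all secrets) compiles to a target program that is CCT too; a flat observation list would give no such syntax-directed map.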


Published In: CCS '21: Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security, November 2021, 3558 pages, ISBN 9781450384544, DOI 10.1145/3460120
Publisher: Association for Computing Machinery, New York, NY, United States
Author Tags: cost; cryptographic constant-time; secure compilation
Funding Sources: ONR, ANR

Conference: CCS '21, 2021 ACM SIGSAC Conference on Computer and Communications Security, November 15 - 19, 2021, Virtual Event, Republic of Korea