Evaluation and Mitigation of Timing Side-channel Leakages on Multiple-target Dynamic Binary Translators

Publikation: Bidrag til bog/antologi/rapport/proceedingKonferencebidrag i proceedingsForskningpeer review

  • Otavio Napoli, Campinas Universitet, Brasilien
  • Vanderson Martins do Rosario, Campinas Universitet, Brasilien
  • Diego F. Aranha
  • Edson Borin, Campinas Universitet, Brasilien

Timing side-channel attacks are an important issue for cryptographic algorithms. If the execution time of an implementation depends on secret information, an adversary may recover the latter through measuring the former. Different approaches have emerged to exploit information leakage on cryptographic implementations and to protect them against these attacks, and recent works extend the concerns to dynamic execution systems [3, 15, 24]. However, little has been said about Cross-ISA emulation and its impact on timing leakages. In this paper, we investigate the impact of dynamic binary translators in the constant-time property of known cryptographic implementations, using different Region Formation Techniques (RFTs). We show that the emulation may have a significant impact by inserting non constant-time constructions during the translation, leading to significant timing leakages in QEMU and HQEMU emulators. These leakages are then verified using a statistical approach. In order to guarantee the constant-time property, we have implemented a solution in the QEMU dynamic binary translator, mitigating the inserted timing side-channels.

OriginalsprogEngelsk
TitelHigh Performance Computing Systems : WSCAD 2018
RedaktørerCalebe Bianchini, Carla Osthoff, Paulo Souza, Renato Ferreira
Antal sider16
UdgivelsesstedCham
ForlagSpringer
Udgivelsesår2020
Sider152-167
ISBN (trykt)978-3-030-41049-0
ISBN (Elektronisk)978-3-030-41050-6
DOI
StatusUdgivet - 2020
Begivenhed19th Symposium on High Performance Computing Systems - São Paulo, Brasilien
Varighed: 1 okt. 20183 okt. 2018
Konferencens nummer: 19

Konference

Konference19th Symposium on High Performance Computing Systems
Nummer19
LandBrasilien
BySão Paulo
Periode01/10/201803/10/2018
SerietitelCommunications in Computer and Information Science
Vol/bind1171
ISSN1865-0929

Se relationer på Aarhus Universitet Citationsformater

ID: 179448702