STAnalyzer: A simple static analysis tool for detecting cache-timing leakages

Alexander Schaub 1, 2 Sylvain Guilley 3, 2, 4 Olivier Rioul 1, 2
1 COMNUM - Communications Numériques
LTCI - Laboratoire Traitement et Communication de l'Information
3 SSH - Secure and Safe Hardware
LTCI - Laboratoire Traitement et Communication de l'Information
Abstract : Cache-timing attacks are a class of side-channel attacks that target software implementations of cryptographic algorithms. If the cache-access pattern of the implementation depends on sensitive information, then a cache-timing attack can retrieve this information, which can potentially lead to a secret-key recovery. Implementations which branch on condi- tions depending on sensitive information, or that access memory locations whose address depend on sensitive information, are potentially vulnerable to such attacks. This paper presents an algorithm for verifying that a program, imple- mented in the C language, is free from cache-timing leakages. It consists in computing the dependencies of all the variables used in the program, and listing all sensible values that leak due to branching and memory accesses. An implementation of this algorithm, STAnalyzer, is also pro- vided. It allows to flag sensitive values, and those are tracked across computations, function calls, etc. Therefore, only leakages of sensitive values are reported. Because the algorithm runs directly on an abstract syntaxic tree (AST) of the C program, the output is straightforward to interpret: dependencies between C variables are reported, as well as the stack of function calls and instructions that lead to the leakage of sensitive values.
Complete list of metadatas

https://hal.telecom-paristech.fr/hal-02300786
Contributor : Olivier Rioul <>
Submitted on : Sunday, September 29, 2019 - 8:52:25 PM
Last modification on : Monday, November 11, 2019 - 1:13:36 AM

Identifiers

  • HAL Id : hal-02300786, version 1

Citation

Alexander Schaub, Sylvain Guilley, Olivier Rioul. STAnalyzer: A simple static analysis tool for detecting cache-timing leakages. 17th International Workshop on Cryptographic Architectures Embedded in Logic Devices (CryptArchi 2019), Jun 2019, Prague, Czech Republic. ⟨hal-02300786⟩

Share

Metrics

Record views

29