SideTrail: Verifying Time-Balancing of Cryptosystems
Author: | Konstantinos Athanasiou, Byron Cook, Michael Emmi, Daniel Schwartz-Narbonne, Colm MacCarthaigh, Serdar Tasiran |
---|---|
Year of publication: | 2018 |
Subject: | 021110 strategic defence & security studies; Correctness; Process (engineering); Computer science; Distributed computing; 0211 other engineering and technologies; 020207 software engineering; 02 engineering and technology; Continuous integration; Range (mathematics); Countermeasure; 0202 electrical engineering electronic engineering information engineering; Code (cryptography); Cryptosystem; Implementation |
Source: | Lecture Notes in Computer Science; ISBN: 9783030035914; VSTTE |
DOI: | 10.1007/978-3-030-03592-1_12 |
Description: | Timing-based side-channel attacks are a serious security risk for modern cryptosystems. The time-balancing countermeasure used by several TLS implementations (e.g. s2n, GnuTLS) ensures that execution timing is negligibly influenced by secrets, and hence no attacker-observable timing behavior depends on secrets. These implementations can be difficult to validate, since time-balancing countermeasures depend on global properties across multiple executions. In this work we introduce the tool SideTrail, which we use to prove the correctness of time-balancing countermeasures in s2n, the open-source TLS implementation used across a range of products from AWS, including S3. SideTrail is used in s2n’s continuous integration process, and has detected three side-channel issues that the s2n team confirmed and repaired before the affected code was deployed to production systems. |
Database: | OpenAIRE |