System-Level Non-interference of Constant-Time Cryptography. Part II: Verified Static Analysis and Stealth Memory

This paper constitutes the second part of a paper published in Barthe et al. (J Autom Reason, 2017. 10.1007/s10817-017-9441-5). Cache-based attacks are a class of side-channel attacks that are particularly effective in virtualized or cloud-based environments, where they have been used to recover secret keys from cryptographic implementations. One common approach to thwart cache-based attacks is to use constant-time implementations, i.e. those which do not branch on secrets and do not perform memory accesses that depend on secrets. However, there is no rigorous proof that constant-time implementations are protected against concurrent cache attacks in virtualization platforms with a shared cache. We propose a new information-flow analysis that checks whether an x86 application executes in constant time, and show that constant-time programs do not leak confidential information through the cache to other operating systems executing concurrently on virtualization platforms. Our static analysis targets the pre-assembly language of the CompCert verified compiler. Its soundness proof is based on a connection between CompCert semantics and our idealized model of virtualization, and uses isolation theorems presented in Part I. We then extend our model of virtualization platform and our static analysis to accommodate stealth memory, a countermeasure which provisions a small amount of private cache for programs to carry out potentially leaking computations securely. Stealth memory induces a weaker form of constant-time, called S-constant-time, which encompasses some widely used cryptographic implementations. Our results provide the first rigorous analysis of stealth memory and S-constant-time, and the first tool support for checking whether applications are S-constant-time. We formalize our results using the Coq proof assistant and we demonstrate the effectiveness of our analyses on cryptographic implementations, including PolarSSL AES, DES and RC4, SHA256 and Salsa20.
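To make the two properties named in the abstract concrete, the following is an added illustration written for this page; it is neither the paper's Coq-verified analysis nor code from the authors' tool. It is a toy taint-tracking checker over a straight-line three-address IR that stands in for the pre-assembly language: it flags secret-dependent branches and secret-dependent memory addresses (constant-time), and with `allow_stealth=True` it tolerates secret-dependent addresses only inside regions marked as stealth memory (S-constant-time). The IR, instruction names, region names (`key`, `sbox`) and sample programs are all constructed for the example.

```python
"""Toy information-flow checker for constant-time and S-constant-time programs.
Illustrative only: the straight-line IR, regions and programs are constructed here."""
from dataclasses import dataclass

SECRET, PUBLIC = True, False


@dataclass
class Program:
    secret_vars: set      # input variables whose values are secret
    region_taint: dict    # memory region -> whether its initial contents are secret
    stealth_regions: set  # regions placed in stealth memory (assumed private cache)
    code: list            # instruction tuples, executed in order


def check(prog, allow_stealth=False):
    """Return the list of (pc, kind, detail) leaks found in prog.

    Constant-time (allow_stealth=False): no branch on a secret and no memory access
    whose address depends on a secret.  S-constant-time (allow_stealth=True):
    secret-dependent addresses are tolerated only when they target a stealth region.
    """
    taint = {v: SECRET for v in prog.secret_vars}   # variable -> is it secret?
    mem = dict(prog.region_taint)                   # region -> are its contents secret?
    leaks = []

    def t(x):
        # Taint of a variable; integer literals and undeclared inputs are public.
        return taint.get(x, PUBLIC) if isinstance(x, str) else PUBLIC

    def addr_ok(region, idx):
        return not t(idx) or (allow_stealth and region in prog.stealth_regions)

    for pc, ins in enumerate(prog.code):
        kind = ins[0]
        if kind == "const":                   # dst = literal
            _, dst, _value = ins
            taint[dst] = PUBLIC
        elif kind == "op":                    # dst = a <opname> b
            _, dst, _opname, a, b = ins
            taint[dst] = t(a) or t(b)         # the result depends on both operands
        elif kind == "load":                  # dst = region[idx]
            _, dst, region, idx = ins
            if not addr_ok(region, idx):
                leaks.append((pc, "secret-dependent load address", f"{region}[{idx}]"))
            # The loaded value reveals which cell was read, so it inherits the index taint.
            taint[dst] = mem.get(region, PUBLIC) or t(idx)
        elif kind == "store":                 # region[idx] = src
            _, region, idx, src = ins
            if not addr_ok(region, idx):
                leaks.append((pc, "secret-dependent store address", f"{region}[{idx}]"))
            mem[region] = mem.get(region, PUBLIC) or t(src)
        elif kind == "branch":                # if cond: ...
            _, cond = ins
            if t(cond):
                leaks.append((pc, "secret-dependent branch", cond))
        else:
            raise ValueError(f"unknown instruction {ins!r} at pc {pc}")
    return leaks


def sbox_lookup(stealth):
    """One S-box step of a table-based cipher: sbox[key[i] ^ pt] (constructed)."""
    return Program(
        secret_vars=set(),
        region_taint={"key": SECRET, "sbox": PUBLIC},
        stealth_regions={"sbox"} if stealth else set(),
        code=[("load", "k", "key", "i"),       # k = key[i]: public index, secret contents
              ("op", "x", "xor", "k", "pt"),   # x = k ^ pt  (pt is a public input)
              ("load", "y", "sbox", "x")],     # y = sbox[x]: the address depends on the key
    )


BRANCHY_SELECT = Program(                      # if (bit) ...: control flow reveals bit
    secret_vars={"bit"}, region_taint={}, stealth_regions=set(),
    code=[("branch", "bit"), ("op", "r", "add", "a", "b")],
)

MASKED_SELECT = Program(                       # r = bit ? a : b without branching
    secret_vars={"bit"}, region_taint={}, stealth_regions=set(),
    code=[("const", "zero", 0),
          ("const", "ones", 0xFFFFFFFF),
          ("op", "mask", "sub", "zero", "bit"),    # mask = 0 - bit: all ones or all zeros
          ("op", "nmask", "xor", "mask", "ones"),  # nmask = ~mask
          ("op", "ta", "and", "a", "mask"),
          ("op", "tb", "and", "b", "nmask"),
          ("op", "r", "or", "ta", "tb")],
)


if __name__ == "__main__":
    for name, prog, stealth in [("sbox, plain memory", sbox_lookup(False), False),
                                ("sbox, stealth memory, CT check", sbox_lookup(True), False),
                                ("sbox, stealth memory, S-CT check", sbox_lookup(True), True),
                                ("branchy select", BRANCHY_SELECT, False),
                                ("masked select", MASKED_SELECT, False)]:
        print(f"{name}: {check(prog, allow_stealth=stealth) or 'OK'}")
```

The plain-memory S-box lookup is rejected under both checks; placing `sbox` in stealth memory makes it S-constant-time but still not constant-time, and the masked select is the usual branch-free rewrite that passes both. The paper's analysis additionally has to handle control-flow joins and alias information for CompCert pointers; this straight-line checker omits both.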

[1] Johan Agat et al. Transforming out timing leaks, 2000, POPL '00.

[2] Danfeng Zhang et al. Predictive mitigation of timing channels in interactive systems, 2011, CCS '11.

[3] Corina S. Pasareanu et al. Multi-run Side-Channel Analysis Using Symbolic Execution and Max-SMT, 2016, 2016 IEEE 29th Computer Security Foundations Symposium (CSF).

[4] Anne Canteaut et al. Understanding cache attacks, 2006.

[5] Deian Stefan et al. Eliminating Cache-Based Timing Attacks with Instruction-Based Scheduling, 2013, ESORICS.

[6] Thomas F. Wenisch et al. Foreshadow: Extracting the Keys to the Intel SGX Kingdom with Transient Out-of-Order Execution, 2018, USENIX Security Symposium.

[7] Onur Aciiçmez et al. Cache Based Remote Timing Attack on the AES, 2007, CT-RSA.

[8] Daniel J. Bernstein et al. Cache-timing attacks on AES, 2005.

[9] Deian Stefan et al. CT-wasm: type-driven secure cryptography for the web ecosystem, 2018, Proc. ACM Program. Lang.

[10] Benjamin Grégoire et al. Secure Compilation of Side-Channel Countermeasures: The Case of Cryptographic "Constant-Time", 2018, 2018 IEEE 31st Computer Security Foundations Symposium (CSF).

[11] Michael Hamburg et al. Meltdown: Reading Kernel Memory from User Space, 2018, USENIX Security Symposium.

[12] Jan Jürjens et al. Guiding a General-Purpose C Verifier to Prove Cryptographic Protocols, 2011, 2011 IEEE 24th Computer Security Foundations Symposium.

[13] Gilles Barthe et al. Verified Translation Validation of Static Analyses, 2017, 2017 IEEE 30th Computer Security Foundations Symposium (CSF).

[14] David Schultz et al. The Program Counter Security Model: Automatic Detection and Removal of Control-Flow Side Channel Attacks, 2005, ICISC.

[15] Adam Chlipala et al. Simple High-Level Code for Cryptographic Arithmetic - With Proofs, Without Compromises, 2019, 2019 IEEE Symposium on Security and Privacy (SP).

[16] Andrew W. Appel et al. Verification of a Cryptographic Primitive: SHA-256, 2015, TOPL.

[17] Gilles Barthe et al. Certified computer-aided cryptography: efficient provably secure machine code from high-level implementations, 2013, IACR Cryptol. ePrint Arch.

[18] Xavier Leroy et al. Formal certification of a compiler back-end or: programming a compiler with a proof assistant, 2006, POPL '06.

[19] Juan Chen et al. Secure distributed programming with value-dependent types, 2011, Journal of Functional Programming.

[20] Roger M. Needham et al. TEA, a Tiny Encryption Algorithm, 1994, FSE.

[21] Peter J. Denning et al. Certification of programs for secure information flow, 1977, CACM.

[22] Xavier Leroy et al. A Formally-Verified Alias Analysis, 2012, CPP.

[23] Martín Abadi et al. Operating system protection against side-channel attacks that exploit memory latency, 2007.

[24] Kenneth G. Paterson et al. Pseudo Constant Time Implementations of TLS Are Only Pseudo Secure, 2018, IACR Cryptol. ePrint Arch.

[25] Philip Hawkes et al. Cache Timing Analysis of LFSR-Based Stream Ciphers, 2009, IMACC.

[26] Gilles Barthe et al. Leakage Resilience against Concurrent Cache Attacks, 2014, POST.

[27] Gorka Irazoqui Apecechea et al. Fine Grain Cross-VM Attacks on Xen and VMware, 2014, 2014 IEEE Fourth International Conference on Big Data and Cloud Computing.

[28] Jan Reineke et al. CacheAudit: A Tool for the Static Analysis of Cache Side Channels, 2013, TSEC.

[29] Jan Jürjens et al. Computational verification of C protocol implementations by symbolic execution, 2012, CCS.

[30] Gilles Barthe et al. Verifying Constant-Time Implementations, 2016, USENIX Security Symposium.

[31] Hiroshi Miyauchi et al. Cryptanalysis of DES Implemented on Computers with Cache, 2003, CHES.

[32] Michael Hind et al. Pointer analysis: haven't we solved this problem yet?, 2001, PASTE '01.

[33] David Pichardie et al. Verifying Constant-Time Implementations by Abstract Interpretation, 2019, ESORICS.

[34] Yuval Yarom et al. May the Fourth Be With You: A Microarchitectural Side Channel Attack on Several Real-World Applications of Curve25519, 2017, CCS.

[35] Andrew D. Gordon et al. Modular verification of security protocol code by typing, 2010, POPL '10.

[36] Xavier Leroy. Formal certification of a compiler back-end or: programming a compiler with a proof assistant, 2006.

[37] Benjamin Grégoire et al. FaCT: a DSL for timing-sensitive computation, 2019, PLDI.

[38] Toby Murray et al. Verifying that a compiler preserves concurrent value-dependent information-flow security, 2019, ITP.

[39] Bruce Schneier et al. Side Channel Cryptanalysis of Product Ciphers, 1998, J. Comput. Secur.

[40] Michael Hamburg et al. Spectre Attacks: Exploiting Speculative Execution, 2018, 2019 IEEE Symposium on Security and Privacy (SP).

[41] Koen De Bosschere et al. Practical Mitigations for Timing-Based Side-Channel Attacks on Modern x86 Processors, 2009, 2009 30th IEEE Symposium on Security and Privacy.

[42] Ruby B. Lee et al. New cache designs for thwarting software cache-based side channel attacks, 2007, ISCA '07.

[43] Stefan Dziembowski et al. Leakage-Resilient Cryptography, 2008, 2008 49th Annual IEEE Symposium on Foundations of Computer Science.

[44] Hassan Aly et al. Attacking AES Using Bernstein's Attack on Modern Processors, 2013, AFRICACRYPT.

[45] Vitaly Shmatikov et al. Proceedings of the 18th ACM Conference on Computer and Communications Security, CCS 2011, Chicago, Illinois, USA, October 17-21, 2011, 2011, CCS.

[46] Gilles Barthe et al. Cache-Leakage Resilient OS Isolation in an Idealized Model of Virtualization, 2012, 2012 IEEE 25th Computer Security Foundations Symposium.

[47] Pierre-Alain Fouque et al. Cache Timing Analysis of RC4, 2011, ACNS.

[48] Gilles Barthe et al. Product programs and relational program logics, 2016, J. Log. Algebraic Methods Program.

[49] Bryan Parno et al. SoK: Computer-Aided Cryptography, 2021, 2021 IEEE Symposium on Security and Privacy (SP).

[50] Bruno Blanchet et al. From Computationally-proved Protocol Specifications to Implementations, 2012, 2012 Seventh International Conference on Availability, Reliability and Security.

[51] Thomas P. Jensen et al. Securing Compilation Against Memory Probing, 2018, PLAS@CCS.

[52] Benjamin Grégoire et al. Computer-Aided Security Proofs for the Working Cryptographer, 2011, CRYPTO.

[53] Andrew W. Appel et al. Verified Correctness and Security of mbedTLS HMAC-DRBG, 2017, CCS.

[54] Hovav Shacham et al. Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds, 2009, CCS.

[55] Karthikeyan Bhargavan et al. HACL*: A Verified Modern Cryptographic Library, 2017, CCS.

[56] Andrew W. Appel et al. Program Logics for Certified Compilers, 2014.

[57] Elaine Shi et al. Memory Trace Oblivious Program Execution, 2013, 2013 IEEE 26th Computer Security Foundations Symposium.

[58] Joseph Bonneau et al. Cache-Collision Timing Attacks Against AES, 2006, CHES.

[59] Paul C. Kocher et al. Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems, 1996, CRYPTO.

[60] Jacek Chrząszcz. Implementing Modules in the Coq System, 2003, TPHOLs.

[61] Frédéric Besson et al. Information-Flow Preservation in Compiler Optimisations, 2019, 2019 IEEE 32nd Computer Security Foundations Symposium (CSF).

[62] Peter Schwabe et al. Faster and Timing-Attack Resistant AES-GCM, 2009, CHES.

[63] Gilles Barthe et al. Deriving an information flow checker and certifying compiler for Java, 2006, 2006 IEEE Symposium on Security and Privacy (S&P'06).

[64] Taesoo Kim et al. STEALTHMEM: System-Level Protection Against Cache-Based Side Channel Attacks in the Cloud, 2012, USENIX Security Symposium.

[65] Srinath T. V. Setty et al. Vale: Verifying High-Performance Cryptographic Assembly Code, 2017, USENIX Security Symposium.

[66] Andreas Zeller et al. Quantifying the Information Leakage in Cache Attacks via Symbolic Execution, 2019, ACM Trans. Embed. Comput. Syst.

[67] Haibo Chen et al. Limiting cache-based side-channel in multi-tenant cloud using dynamic page coloring, 2011, 2011 IEEE/IFIP 41st International Conference on Dependable Systems and Networks Workshops (DSN-W).

[68] Thomas F. Wenisch et al. Foreshadow-NG: Breaking the virtual memory abstraction with transient out-of-order execution, 2018.

[69] Thomas Peyrin et al. Structural Evaluation of AES and Chosen-Key Distinguisher of 9-Round AES-128, 2013, CRYPTO.

[70] Gilles Barthe et al. Relational Verification Using Product Programs, 2011, FM.

[71] Andrey Bogdanov et al. Biclique Cryptanalysis of the Full AES, 2011, ASIACRYPT.

[72] Adi Shamir et al. Efficient Cache Attacks on AES, and Countermeasures, 2010, Journal of Cryptology.

[73] Andrew W. Appel et al. Verified Correctness and Security of OpenSSL HMAC, 2015, USENIX Security Symposium.

[74] Yuval Yarom et al. CacheBleed: a timing attack on OpenSSL constant-time RSA, 2016, Journal of Cryptographic Engineering.

[75] Ruby B. Lee et al. New cache designs for thwarting software cache-based side channel attacks, 2007.

[76] Meng Wu et al. Eliminating timing side-channel leaks using program repair, 2018, ISSTA.

[77] Stephan Krenn et al. Cache Games -- Bringing Access-Based Cache Attacks on AES to Practice, 2011, 2011 IEEE Symposium on Security and Privacy.

[78] Xiao Liu et al. CacheD: Identifying Cache-Based Timing Channels in Production Software, 2017, USENIX Security Symposium.

[79] Fernando Magno Quintão Pereira et al. Sparse representation of implicit flows with applications to side-channel detection, 2016, CC.

[80] Gilles Barthe et al. System-Level Non-interference of Constant-Time Cryptography. Part I: Model, 2017, Journal of Automated Reasoning.

[81] Gary A. Kildall et al. A unified approach to global program optimization, 1973, POPL.

[82] Goran Doychev et al. Rigorous analysis of software countermeasures against cache attacks, 2017, PLDI.

[83] Sanjit A. Seshia et al. A Formal Approach to Secure Speculation, 2019, 2019 IEEE 32nd Computer Security Foundations Symposium (CSF).

[84] Benjamin Grégoire et al. Jasmin: High-Assurance and High-Speed Cryptography, 2017, CCS.

[85] Simon Heron et al. Encryption: Advanced Encryption Standard (AES), 2009.