Poster: Systematic Evaluation of Automated Tools for Side-Channel Vulnerability Detection in Cryptographic Libraries
Antoine Geimer, Mathéo Vergnolle, Frédéric Recoules, Lesly-Ann Daniel, Sébastien Bardin, Clémentine Maurice

Introduction

We systematically evaluate automated tools for side-channel vulnerability detection in cryptographic libraries: we classify 34 frameworks, benchmark 5 tools, uncover their limitations, and recommend improvements.

Abstract

To protect cryptographic implementations from side-channel vulnerabilities, developers must adopt constant-time programming practices. As these can be error-prone, many side-channel detection tools have been proposed. Despite this, such vulnerabilities are still manually found in cryptographic libraries. While a recent paper by Jancar et al. shows that developers rarely perform side-channel detection, it is unclear if existing detection tools could have found these vulnerabilities in the first place. To answer this question, we surveyed the literature to build a classification of 34 side-channel detection frameworks. The classification we offer compares multiple criteria, including the methods used, the scalability of the analysis, or the threat model considered. We then built a unified common benchmark of representative cryptographic operations on a selection of 5 promising detection tools. This benchmark allows us to better compare the capabilities of each tool and the scalability of their analysis. Additionally, we offer a classification of recently published side-channel vulnerabilities. We then test each of the selected tools on benchmarks reproducing a subset of these vulnerabilities as well as the context in which they appear. We find that existing tools can struggle to find vulnerabilities for a variety of reasons, mainly the lack of support for SIMD instructions, implicit flows, and internal secret generation. Based on our findings, we develop a set of recommendations for the research community and cryptographic library developers, with the goal of improving the effectiveness of side-channel detection tools. In addition, we present preliminary results on the impact of compiler optimizations on constant-time source code. Our results bring nuance to the claim that newer compiler versions introduce more vulnerabilities and detail new examples where complex interactions between optimizations can introduce secret-dependent branches.
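As an illustration of the constant-time property these tools check (an example added here, not code from the poster or from any of the evaluated tools): a comparison with a secret-dependent early exit beside a branch-free version, and a toy two-run trace comparison that flags only the first. The names observe and traces_differ and the sample inputs are constructed for this example; the check models source-level behaviour only, so the compiler effects the abstract mentions are outside its scope.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed instrumentation: every logged branch outcome stands in for
   the execution trace a dynamic detection tool would record. */
#define TRACE_MAX 64
static uint8_t trace[TRACE_MAX];
static size_t trace_len;
static void observe(uint8_t ev) { if (trace_len < TRACE_MAX) trace[trace_len++] = ev; }

/* Leaky: exits at the first mismatch, so control flow depends on the secret. */
int leaky_equal(const uint8_t *secret, const uint8_t *guess, size_t n) {
    for (size_t i = 0; i < n; i++) {
        int differ = secret[i] != guess[i];
        observe((uint8_t)differ);
        if (differ) return 0;
    }
    return 1;
}

/* Constant-time at source level: always n iterations, no secret-dependent branch. */
int ct_equal(const uint8_t *secret, const uint8_t *guess, size_t n) {
    uint8_t acc = 0;
    for (size_t i = 0; i < n; i++) {
        acc |= (uint8_t)(secret[i] ^ guess[i]);
        observe(0); /* only the public loop bound is branched on */
    }
    return (int)(((uint32_t)acc - 1u) >> 31); /* 1 iff acc == 0 */
}

typedef int (*eq_fn)(const uint8_t *, const uint8_t *, size_t);
/* Run f on two secrets with the same public input; 1 means the traces differ. */
int traces_differ(eq_fn f, const uint8_t *s1, const uint8_t *s2,
                  const uint8_t *guess, size_t n) {
    uint8_t first[TRACE_MAX];
    trace_len = 0; f(s1, guess, n);
    size_t first_len = trace_len;
    memcpy(first, trace, first_len);
    trace_len = 0; f(s2, guess, n);
    return first_len != trace_len || memcmp(first, trace, first_len) != 0;
}

/* Constructed sample inputs: two secrets and one public guess. */
static const uint8_t S1[4] = {'A','A','A','B'}, S2[4] = {'B','A','A','A'};
static const uint8_t GUESS[4] = {'A','A','A','A'};
int main(void) { /* exit status 0 when only leaky_equal is flagged */
    return !(traces_differ(leaky_equal, S1, S2, GUESS, 4) == 1 &&
             traces_differ(ct_equal, S1, S2, GUESS, 4) == 0);
}
```

A two-run comparison like this only flags leaks that the chosen pair of secrets actually exercises.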


Review

This poster addresses a critical gap in the field of cryptographic security: the persistent presence of side-channel vulnerabilities despite the availability of numerous automated detection tools. The authors meticulously frame the problem by noting that while constant-time programming is essential, its error-prone nature means automated assistance is crucial. Building upon the observation that developers rarely use these tools, the core question investigated is whether existing tools are even capable of finding real-world vulnerabilities. This work therefore undertakes a systematic evaluation to provide much-needed clarity on the actual efficacy and limitations of current side-channel detection mechanisms.

The methodology employed is comprehensive, commencing with a literature survey to classify 34 side-channel detection frameworks based on criteria such as methods, scalability, and threat model. From this extensive classification, a selection of 5 promising tools was chosen for deeper investigation, subjected to a unified benchmark of representative cryptographic operations. Crucially, the authors also compiled a classification of recently published side-channel vulnerabilities, enabling the tools to be tested against real-world scenarios. The findings are illuminating, revealing that current tools often struggle with vulnerabilities stemming from SIMD instructions, implicit flows, and internal secret generation. Additionally, the work presents preliminary but significant results regarding the nuanced impact of compiler optimizations on constant-time code, challenging simplistic views about compiler version effects and detailing new examples of optimization-induced secret dependencies.

The contributions of this poster are highly relevant and practical. By systematically dissecting the capabilities and shortcomings of contemporary side-channel detection tools, the authors provide invaluable insights that will guide future research and development efforts. The derived recommendations for both the research community and cryptographic library developers are a direct actionable outcome, aiming to enhance tool effectiveness and, consequently, the security of cryptographic implementations. This systematic evaluation, coupled with the important preliminary findings on compiler optimizations, lays a strong foundation for improving the constant-time programming paradigm and represents a significant step towards bridging the gap between theoretical tool capabilities and the practical challenges of securing cryptographic libraries against side-channel attacks.


Full Text

You need to be logged in to view the full text and download the file of this article, Poster: Systematic Evaluation of Automated Tools for Side-Channel Vulnerability Detection in Cryptographic Libraries, from Proceedings of the Microarchitecture Security Conference.
