CacheAudit 0.2b and CacheAudit 0.2c

Cache side channels are an important class of implementation-level vulnerabilities in software. A cache-side-channel vulnerability exists if secret input to a program has a publicly observable effect on a cache (e.g., a cache that is shared between multiple virtual machines).

The tools CacheAudit 0.2b and CacheAudit 0.2c are extensions of the tool CacheAudit 0.2 (by Doychev, Köpf, Mauborgne, and Reinecke). Like the original CacheAudit 0.2, the goal of CacheAudit 0.2b and CacheAudit 0.2c is to compute upper bounds on the leakage of secret information through cache side channels.

Overview of the Tool

The original CacheAudit 0.2 quantifies the amount of information that an x86 binary leaks through cache side channels. It takes as input an x86 binary and outputs upper bounds on the cache-side-channel leakage of the binary with respect to four cache-side-channel attacker models. The analysis performed by the tool is based on abstract interpretation.

The version CacheAudit 0.2b belongs to an article published at ESSoS 2017, which presents a quantitative study of cache-side-channel leakage across multiple AES implementations. To allow such a comparative study across multiple off-the-shelf implementations of AES, CacheAudit 0.2b extends CacheAudit 0.2 in two dimensions. Firstly, it extends the language coverage of x86 instructions. Secondly, it refines the abstract domain for tracking the values of x86 processor flags.

The version CacheAudit 0.2c belongs to an article published at FPS 2017, which presents the quantitative analysis of cache-side-channel leakage in the implementation of the lattice-based signature scheme ring-TESLA. To allow the analysis of the ring-TESLA implementation, CacheAudit 0.2c extends the language coverage of x86 instructions in CacheAudit 0.2b.

Example from the Comparative Study of Cache Side Channels across AES Implementations

The following figure shows an example of leakage bounds obtained during the comparative study of AES implementations. Each point in the diagram depicts a leakage bound obtained from one analysis with CacheAudit 0.2b.

Black triangular points correspond to leakage bounds obtained for the lookup-table-based AES implementation from the library LibTomCrypt 1.17. Black diamond-shaped points correspond to leakage bounds obtained for the lookup-table-based AES implementation from the library mbed TLS 2.2.1. Red square points correspond to leakage bounds obtained for the lookup-table-based AES implementation from the library Nettle 3.2. Blue circular points correspond to leakage bounds obtained for the lookup-table-based AES implementation from OpenSSL 1.0.1t. The x-coordinate of a point corresponds to the cache size with respect to which the leakage bound was computed. The y-coordinate of a point corresponds to the leakage bound in bits. All leakage bounds depicted are with respect to an attacker model under which the attacker can observe the number of memory blocks cached in each cache set of a shared cache after one run of the AES implementation.

The leakage bounds for all four AES implementations increase with increasing cache size and eventually stabilize. The cache size at which the leakage bounds stabilize differs across the AES implementations. Interestingly, the cache size at which the leakage bounds for an AES implementation stabilize is related to the amount of lookup tables used by the implementation. The analyzed AES implementation from LibTomCrypt uses 4KB of lookup tables in the main AES rounds and 4KB of additional lookup tables in the last AES round. The analyzed implementations from mbed TLS and Nettle use 4KB of lookup tables in the main rounds and one S-Box in the last round. The analyzed AES implementation from OpenSSL uses the same 4KB of lookup tables across all rounds. For all four analyzed AES implementations, the stabilization occurs as soon as the mapping from memory blocks (used for the AES lookup tables) to cache sets becomes injective. A stabilization of leakage bounds means that the security guarantees obtained for the AES implementations are robust with respect to an increase of the cache size. This is particularly interesting since cache sizes tend to grow with technological advance.
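
The injectivity condition described above can be explored with a small model. The following Python sketch is an added example, not part of CacheAudit or the articles: the 64-byte line size, 4-way associativity, table base addresses and the simple counting bound are assumptions chosen for illustration, and its numbers do not reproduce the published leakage bounds.

```python
import math
from collections import Counter

LINE = 64    # bytes per memory block / cache line (assumed)
ASSOC = 4    # ways per cache set (assumed)
KB = 1024

def blocks_per_set(regions, cache_size, line=LINE, assoc=ASSOC):
    """Count how many distinct lookup-table blocks map to each cache set."""
    num_sets = cache_size // (line * assoc)
    blocks = set()
    for base, size in regions:
        blocks.update(range(base // line, (base + size - 1) // line + 1))
    return Counter(b % num_sets for b in blocks)

def is_injective(regions, cache_size, line=LINE, assoc=ASSOC):
    """True if no two lookup-table blocks share a cache set."""
    counts = blocks_per_set(regions, cache_size, line, assoc)
    return max(counts.values(), default=0) <= 1

def naive_bound_bits(regions, cache_size, line=LINE, assoc=ASSOC):
    """log2 of the number of per-set occupancy vectors the table blocks allow.

    A set that k table blocks map to can hold 0..min(k, assoc) of them.
    This is a plain counting argument, not CacheAudit's abstract interpretation.
    """
    counts = blocks_per_set(regions, cache_size, line, assoc)
    return sum(math.log2(min(k, assoc) + 1) for k in counts.values())

def stabilization_size(regions, sizes, line=LINE, assoc=ASSOC):
    """Smallest cache size in `sizes` at which the block-to-set map is injective."""
    return next((s for s in sorted(sizes)
                 if is_injective(regions, s, line, assoc)), None)

# Constructed layouts as (base address, size in bytes); the addresses are made up.
ONE_TABLE_SET = [(0x10000, 4 * KB)]                      # same 4KB in all rounds
TWO_TABLE_SETS = [(0x10000, 4 * KB), (0x11000, 4 * KB)]  # 4KB main + 4KB last round
SIZES = [2 ** n * KB for n in range(2, 9)]               # 4KB .. 256KB

if __name__ == "__main__":
    for name, regions in [("4KB", ONE_TABLE_SET), ("4KB+4KB", TWO_TABLE_SETS)]:
        print(name, "stabilizes at", stabilization_size(regions, SIZES) // KB, "KB")
        for s in SIZES:
            print(f"  {s // KB:4d} KB: {naive_bound_bits(regions, s):6.1f} bits")
```

In this model the counting bound grows with the cache size while several table blocks still share a set, and stays constant once every table block has a cache set of its own.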

Download

The versions CacheAudit 0.2b, used for the comparative study across AES implementations, and CacheAudit 0.2c, used for the analysis of the ring-TESLA implementation, can be downloaded below.
CacheAudit 0.2b
CacheAudit 0.2c

Furthermore, the source code of CacheAudit is available on GitHub.
CacheAudit on GitHub
CacheAudit 0.2b on GitHub
CacheAudit 0.2c on GitHub

Publications
