skip to main content
research-article
Open Access

Exposing cache timing side-channel leaks through out-of-order symbolic execution

Published:13 November 2020Publication History
Skip Abstract Section

Abstract

As one of the fundamental optimizations in modern processors, the out-of-order execution boosts the pipeline throughput by executing independent instructions in parallel rather than in their program orders. However, due to the side effects introduced by such microarchitectural optimization to the CPU cache, secret-critical applications may suffer from timing side-channel leaks. This paper presents a symbolic execution-based technique, named SymO3, for exposing cache timing leaks under the context of out-of-order execution. SymO3 proposes new components that address the modeling, reduction, and reasoning challenges of accommodating program analysis to the software code out-of-order analysis. We implemented SymO3 upon KLEE and conducted three evaluations on it. Experimental results show that SymO3 successfully uncovers a set of cache timing leaks in five real-world programs. Also, SymO3 finds that, in general, program transformation from compiler optimizations shrink the surface to timing leaks. Furthermore, augmented with a speculative execution modeling, SymO3 identifies five more leaky programs based on the compound analysis.

Skip Supplemental Material Section

Supplemental Material

Auxiliary Presentation Video

This is a presentation video of my talk at OOPSLA 2020 on our paper accepted in the research track. In this paper, we develop a symbolic execution-based technique, named SymO3, for exposing cache timing leaks under the context of out-of-order execution. SymO3 proposes new components that address the modeling, reduction, and reasoning challenges of accommodating program analysis to the software code out-of-order analysis. We implemented SymO3 upon KLEE and conducted three evaluations on it. Experimental results show that SymO3 successfully uncovers a set of cache timing leaks in five real-world programs. Also, SymO3 finds that, in general, program transformation from compiler optimizations shrink the surface to timing leaks. Furthermore, augmented with a speculative execution modeling, SymO3 identifies five more leaky programs based on the compound analysis.

References

  1. A. Abel and J. Reineke. uops.info: Characterizing latency, throughput, and port usage of instructions on intel microarchitectures. In Proceedings of the Twenty-Fourth International Conference on Architectural Support for Programming Languages and Operating Systems, ASPLOS 2019, Providence, RI, USA, April 13-17, 2019, pages 673-686, 2019.Google ScholarGoogle ScholarDigital LibraryDigital Library
  2. A. C. Aldaya, C. P. García, L. M. A. Tapia, and B. B. Brumley. Cache-timing attacks on RSA key generation. IACR Trans. Cryptogr. Hardw. Embed. Syst., 2019 (4): 213-242, 2019. doi: 10.13154/tches.v2019. i4. 213-242. URL https://doi.org/10.13154/ tches.v2019. i4. 213-242. Google ScholarGoogle ScholarCross RefCross Ref
  3. T. Antonopoulos, P. Gazzillo, M. Hicks, E. Koskinen, T. Terauchi, and S. Wei. Decomposition instead of self-composition for proving the absence of timing channels. In Proceedings of the 38th ACM SIGPLAN Conference on Programming Language Design and Implementation, PLDI 2017, Barcelona, Spain, June 18-23, 2017, pages 362-375, 2017.Google ScholarGoogle ScholarDigital LibraryDigital Library
  4. L. Bang, A. Aydin, Q. Phan, C. S. Pasareanu, and T. Bultan. String analysis for side channels with segmented oracles. In Proceedings of the 24th ACM SIGSOFT International Symposium on Foundations of Software Engineering, FSE 2016, Seattle, WA, USA, November 13-18, 2016, pages 193-204, 2016.Google ScholarGoogle ScholarDigital LibraryDigital Library
  5. L. Bang, N. Rosner, and T. Bultan. Online synthesis of adaptive side-channel attacks based on noisy observations. In 2018 IEEE European Symposium on Security and Privacy, EuroS&P 2018, London, United Kingdom, April 24-26, 2018, pages 307-322, 2018.Google ScholarGoogle ScholarCross RefCross Ref
  6. G. Barthe, B. Köpf, L. Mauborgne, and M. Ochoa. Leakage resilience against concurrent cache attacks. In Principles of Security and Trust-Third International Conference, POST 2014, pages 140-158, 2014.Google ScholarGoogle ScholarCross RefCross Ref
  7. T. Basu and S. Chattopadhyay. Testing cache side-channel leakage. In 2017 IEEE International Conference on Software Testing, Verification and Validation Workshops, ICST Workshops 2017, Tokyo, Japan, March 13-17, 2017, pages 51-60, 2017.Google ScholarGoogle ScholarCross RefCross Ref
  8. T. Basu, K. Aggarwal, C. Wang, and S. Chattopadhyay. An exploration of efective fuzzing for side-channel cache leakage. Softw. Test., Verif. Reliab., 30 ( 1 ), 2020.Google ScholarGoogle Scholar
  9. T. Bergan, D. Grossman, and L. Ceze. Symbolic execution of multithreaded programs from arbitrary program contexts. In OOPSLA, pages 491-506, 2014.Google ScholarGoogle ScholarDigital LibraryDigital Library
  10. R. Brotzman, S. Liu, D. Zhang, G. Tan, and M. T. Kandemir. Casym: Cache aware symbolic execution for side channel detection and mitigation. In 2019 IEEE Symposium on Security and Privacy, SP 2019, San Francisco, CA, USA, May 19-23, 2019, pages 505-521. IEEE, 2019.Google ScholarGoogle ScholarCross RefCross Ref
  11. S. Bucur, V. Ureche, C. Zamfir, and G. Candea. Parallel symbolic execution for automated real-world software testing. In European Conference on Computer Systems, Proceedings of the Sixth European conference on Computer systems, EuroSys 2011, Salzburg, Austria, April 10-13, 2011, pages 183-198, 2011.Google ScholarGoogle ScholarDigital LibraryDigital Library
  12. J. V. Bulck, M. Minkin, O. Weisse, D. Genkin, B. Kasikci, F. Piessens, M. Silberstein, T. F. Wenisch, Y. Yarom, and R. Strackx. Foreshadow: Extracting the keys to the intel SGX kingdom with transient out-of-order execution. In 27th USENIX Security Symposium, USENIX Security 2018, Baltimore, MD, USA, August 15-17, 2018., pages 991-1008, 2018.Google ScholarGoogle Scholar
  13. D. Burger and T. M. Austin. The simplescalar tool set, version 2.0. ACM SIGARCH computer architecture news, 25 ( 3 ): 13-25, 1997.Google ScholarGoogle Scholar
  14. C. Cadar. Targeted program transformations for symbolic execution. In Proceedings of the 2015 10th Joint Meeting on Foundations of Software Engineering, ESEC/FSE 2015, Bergamo, Italy, August 30-September 4, 2015, pages 906-909, 2015.Google ScholarGoogle ScholarDigital LibraryDigital Library
  15. C. Cadar, D. Dunbar, and D. R. Engler. KLEE: unassisted and automatic generation of high-coverage tests for complex systems programs. In 8th USENIX Symposium on Operating Systems Design and Implementation, OSDI 2008, December 8-10, 2008, San Diego, California, USA, Proceedings, pages 209-224, 2008.Google ScholarGoogle Scholar
  16. S. K. Cha, T. Avgerinos, A. Rebert, and D. Brumley. Unleashing mayhem on binary code. In IEEE Symposium on Security and Privacy, SP 2012, 21-23 May 2012, San Francisco, California, USA, pages 380-394, 2012.Google ScholarGoogle ScholarDigital LibraryDigital Library
  17. S. Chattopadhyay. Directed automated memory performance testing. In Tools and Algorithms for the Construction and Analysis of Systems-23rd International Conference, TACAS 2017, Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS, pages 38-55, 2017.Google ScholarGoogle ScholarDigital LibraryDigital Library
  18. S. Chattopadhyay, M. Beck, A. Rezine, and A. Zeller. Quantifying the information leak in cache attacks via symbolic execution. In Proceedings of the 15th ACM-IEEE International Conference on Formal Methods and Models for System Design, MEMOCODE 2017, Vienna, Austria, September 29-October 02, 2017, pages 25-35, 2017.Google ScholarGoogle ScholarDigital LibraryDigital Library
  19. J. Chen, Y. Feng, and I. Dillig. Precise detection of side-channel vulnerabilities using quantitative cartesian hoare logic. In Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, pages 875-890, 2017.Google ScholarGoogle ScholarDigital LibraryDigital Library
  20. J. Chen, W. Hu, L. Zhang, D. Hao, S. Khurshid, and L. Zhang. Learning to accelerate symbolic execution via code transformation. In 32nd European Conference on Object-Oriented Programming, ECOOP 2018, July 16-21, 2018, Amsterdam, The Netherlands, pages 6 : 1-6 : 27, 2018.Google ScholarGoogle Scholar
  21. D. Chu, J. Jafar, and R. Maghareh. Precise cache timing analysis via symbolic execution. In 2016 IEEE Real-Time and Embedded Technology and Applications Symposium (RTAS), Vienna, Austria, April 11-14, 2016, pages 293-304, 2016.Google ScholarGoogle ScholarCross RefCross Ref
  22. L. Ciortea, C. Zamfir, S. Bucur, V. Chipounov, and G. Candea. Cloud9: a software testing service. Operating Systems Review, 43 ( 4 ): 5-10, 2009.Google ScholarGoogle ScholarDigital LibraryDigital Library
  23. L. A. Clarke. A program testing system. In Proceedings of the 1976 Annual Conference, Houston, Texas, USA, October 20-22, 1976, pages 488-491, 1976.Google ScholarGoogle ScholarDigital LibraryDigital Library
  24. A. Colin and I. Puaut. Worst case execution time analysis for a processor with branch prediction. Real-Time Systems, 18 ( 2-3 ): 249-274, 2000.Google ScholarGoogle ScholarDigital LibraryDigital Library
  25. B. Coppens, I. Verbauwhede, K. D. Bosschere, and B. D. Sutter. Practical mitigations for timing-based side-channel attacks on modern x86 processors. In 2009 30th IEEE Symposium on Security and Privacy, pages 45-60, May 2009. doi: 10.1109/SP. 2009. 19.Google ScholarGoogle ScholarDigital LibraryDigital Library
  26. M. Dellinger, P. Garyali, and B. Ravindran. chronos. Chronos linux: a bestefort real-time multiprocessor linux kernel, 2011.Google ScholarGoogle Scholar
  27. J. Dhem, F. Koeune, P. Leroux, P. Mestré, J. Quisquater, and J. Willems. A practical implementation of the timing attack. In Smart Card Research and Applications, This International Conference, CARDIS '98, Louvain-la-Neuve, Belgium, September 14-16, 1998, Proceedings, pages 167-182, 1998.Google ScholarGoogle Scholar
  28. D. Dinu, Y. L. Corre, D. Khovratovich, L. Perrin, J. Großschädl, and A. Biryukov. triathlon. Triathlon of lightweight block ciphers for the internet of things., 2015.Google ScholarGoogle Scholar
  29. C. Disselkoen, D. Kohlbrenner, L. Porter, and D. M. Tullsen. Prime+abort: A timer-free high-precision L3 cache attack using intel TSX. In 26th USENIX Security Symposium, USENIX Security 2017, Vancouver, BC, Canada, August 16-18, 2017., pages 51-67, 2017.Google ScholarGoogle Scholar
  30. S. Dong, O. Olivo, L. Zhang, and S. Khurshid. Studying the influence of standard compiler optimizations on symbolic execution. In 26th IEEE International Symposium on Software Reliability Engineering, ISSRE 2015, Gaithersbury, MD, USA, November 2-5, 2015, pages 205-215, 2015.Google ScholarGoogle ScholarDigital LibraryDigital Library
  31. G. Doychev and B. Köpf. Rigorous analysis of software countermeasures against cache attacks. In Proceedings of the 38th ACM SIGPLAN Conference on Programming Language Design and Implementation, PLDI 2017, Barcelona, Spain, June 18-23, 2017, pages 406-421, 2017.Google ScholarGoogle ScholarDigital LibraryDigital Library
  32. G. Doychev, D. Feld, B. Köpf, L. Mauborgne, and J. Reineke. Cacheaudit: A tool for the static analysis of cache side channels. In Proceedings of the 22th USENIX Security Symposium, Washington, DC, USA, August 14-16, 2013, pages 431-446, 2013.Google ScholarGoogle Scholar
  33. Y. Etsion. Computer Architecture: Out-of-order Execution. https://iis-people.ee.ethz.ch/~gmichi/asocd/addinfo/Out-ofOrder_execution.pdf, 2013.Google ScholarGoogle Scholar
  34. C. Flanagan and P. Godefroid. Dynamic partial-order reduction for model checking software. In J. Palsberg and M. Abadi, editors, Proceedings of the 32nd ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, POPL 2005, Long Beach, California, USA, January 12-14, 2005, pages 110-121. ACM, 2005.Google ScholarGoogle Scholar
  35. FourQLib. FourQLib. https://github.com/Microsoft/FourQlib/, 2020.Google ScholarGoogle Scholar
  36. freeradius. freeradius. https://freeradius.org/, 2020.Google ScholarGoogle Scholar
  37. GDK. GDK. GDK Library https://developer.gnome. org/gdk3/3.22/, 2018.Google ScholarGoogle Scholar
  38. glibc. glibc-2. 29.9000. https://www.gnu.org/software/libc/, 2019.Google ScholarGoogle Scholar
  39. B. Gras, K. Razavi, E. Bosman, H. Bos, and C. Giufrida. ASLR on the line: Practical cache attacks on the MMU. In 24th Annual Network and Distributed System Security Symposium, NDSS 2017, San Diego, California, USA, February 26-March 1, 2017. The Internet Society, 2017.Google ScholarGoogle ScholarCross RefCross Ref
  40. D. Gruss, C. Maurice, K. Wagner, and S. Mangard. Flush+flush: A fast and stealthy cache attack. In Proceedings of the 13th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment-Volume 9721, DIMVA 2016, page 279-299, Berlin, Heidelberg, 2016. Springer-Verlag. ISBN 9783319406664.Google ScholarGoogle ScholarDigital LibraryDigital Library
  41. M. Guarnieri, B. Köpf, J. F. Morales, J. Reineke, and A. Sánchez. Spectector: Principled detection of speculative information lfows. In 2020 IEEE Symposium on Security and Privacy, SP 2020, San Francisco, CA, USA, May 18-21, 2020, pages 1-19. IEEE, 2020. doi: 10.1109/SP40000. 2020.00011. URL https://doi.org/10.1109/SP40000. 2020. 00011. Google ScholarGoogle ScholarCross RefCross Ref
  42. S. Guo, M. Kusano, C. Wang, Z. Yang, and A. Gupta. Assertion guided symbolic execution of multithreaded programs. In ACM SIGSOFT Symposium on Foundations of Software Engineering, pages 854-865, 2015.Google ScholarGoogle ScholarDigital LibraryDigital Library
  43. S. Guo, M. Wu, and C. Wang. Adversarial symbolic execution for detecting concurrency-related cache timing leaks. In Proceedings of the 2018 ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, ESEC/SIGSOFT FSE 2018, Lake Buena Vista, FL, USA, November 04-09, 2018, pages 377-388, 2018.Google ScholarGoogle ScholarDigital LibraryDigital Library
  44. S. Guo, Y. Chen, P. Li, Y. Cheng, H. Wang, M. Wu, and Z. Zuo. Specusym: Speculative symbolic execution for cache timing leak detection. In Proceedings of the 42th International Conference on Software Engineering: Companion Proceeedings, ICSE 2020, Seoul, South Korea, pages 1235-1247, 2020. doi: 10.1145/3377811.3380428. URL https://doi.org/10.1145/3377811.3380428. Google ScholarGoogle ScholarDigital LibraryDigital Library
  45. J. Gustafsson, A. Betts, A. Ermedahl, and B. Lisper. [email protected]. The Mälardalen WCET Benchmarks-Past, Present and Future, 2010.Google ScholarGoogle Scholar
  46. T. Gysi, T. Grosser, L. Brandner, and T. Hoefler. A fast analytical model of fully associative caches. In K. S. McKinley and K. Fisher, editors, Proceedings of the 40th ACM SIGPLAN Conference on Programming Language Design and Implementation, PLDI 2019, Phoenix, AZ, USA, June 22-26, 2019, pages 816-829. ACM, 2019.Google ScholarGoogle ScholarDigital LibraryDigital Library
  47. S. He, M. Emmi, and G. F. Ciocarlie. ct-fuzz: Fuzzing for timing leaks. CoRR, abs/ 1904.07280, 2019.Google ScholarGoogle Scholar
  48. Intel. The SkyLake Microarchitecture. https://www.intel.com/content/dam/www/public/us/en/documents/manuals/64-ia-32-architectures-optimization-manual.pdf, 2016.Google ScholarGoogle Scholar
  49. J. C. King. Symbolic execution and program testing. Commun. ACM, 19 ( 7 ): 385-394, 1976.Google ScholarGoogle ScholarDigital LibraryDigital Library
  50. KLEE-Native. Binary Symbolic Execution with KLEE-Native. https://github.com/lifting-bits/klee#klee-native, 2019.Google ScholarGoogle Scholar
  51. P. Kocher, J. Horn, A. Fogh, D. Genkin, D. Gruss, W. Haas, M. Hamburg, M. Lipp, S. Mangard, T. Prescher, M. Schwarz, and Y. Yarom. Spectre attacks: Exploiting speculative execution. In 40th IEEE Symposium on Security and Privacy (S&P'19), 2019.Google ScholarGoogle ScholarCross RefCross Ref
  52. P. C. Kocher. Timing attacks on implementations of difie-hellman, rsa, dss, and other systems. In Advances in Cryptology-CRYPTO '96, 16th Annual International Cryptology Conference, Santa Barbara, California, USA, August 18-22, 1996, Proceedings, pages 104-113, 1996.Google ScholarGoogle Scholar
  53. M. Kusano and C. Wang. Thread-modular static analysis for relaxed memory models. In E. Bodden, W. Schäfer, A. van Deursen, and A. Zisman, editors, Proceedings of the 2017 11th Joint Meeting on Foundations of Software Engineering, ESEC/FSE 2017, Paderborn, Germany, September 4-8, 2017, pages 337-348. ACM, 2017.Google ScholarGoogle ScholarDigital LibraryDigital Library
  54. S. K. Lahiri, S. A. Seshia, and R. E. Bryant. Modeling and verification of out-of-order microprocessors in uclid. In International Conference on Formal Methods in Computer-Aided Design, pages 142-159. Springer, 2002.Google ScholarGoogle ScholarCross RefCross Ref
  55. C. Lattner and V. S. Adve. LLVM: A compilation framework for lifelong program analysis & transformation. In 2nd IEEE/ACM International Symposium on Code Generation and Optimization, 20-24 March 2004, San Jose, CA, USA, pages 75-88, 2004.Google ScholarGoogle ScholarCross RefCross Ref
  56. C. Lee, M. Potkonjak, and W. Mangione-Smith. mediabench. MediaBench: a tool for evaluating and synthesizing multimedia and communications systems, 1997.Google ScholarGoogle Scholar
  57. X. Li, A. Roychoudhury, and T. Mitra. Modeling out-of-order processors for software timing analysis. In Proceedings of the 25th IEEE Real-Time Systems Symposium, 5-8 December 2004, Lisbon, Portugal, pages 92-103, 2004.Google ScholarGoogle ScholarDigital LibraryDigital Library
  58. X. Li, A. Roychoudhury, and T. Mitra. Modeling out-of-order processors for WCET analysis. Real-Time Systems, 34 ( 3 ): 195-227, 2006.Google ScholarGoogle ScholarDigital LibraryDigital Library
  59. libfixedtimefixedpoint. libfixedtimefixedpoint. A library for doing constant-time fixed-point numeric operations: https://github.com/kmowery/libfixedtimefixedpoint/, 2017.Google ScholarGoogle Scholar
  60. Libgcrypt. Libgcrypt-1.8.4. https://gnupg.org/software/libgcrypt/index.html, 2018.Google ScholarGoogle Scholar
  61. LibTomCrypt. LibTomCrypt. http://www.libtom.net/LibTomCrypt/, 2019.Google ScholarGoogle Scholar
  62. M. Lipp, M. Schwarz, D. Gruss, T. Prescher, W. Haas, A. Fogh, J. Horn, S. Mangard, P. Kocher, D. Genkin, Y. Yarom, and M. Hamburg. Meltdown: Reading kernel memory from user space. In 27th USENIX Security Symposium, USENIX Security 2018, Baltimore, MD, USA, August 15-17, 2018, pages 973-990, 2018.Google ScholarGoogle Scholar
  63. mbedTLS. mbedTLS. https://tls.mbed.org/code/releases/, 2017.Google ScholarGoogle Scholar
  64. R. Metta, M. Becker, P. Bokil, S. Chakraborty, and R. Venkatesh. TIC: a scalable model checking based approach to WCET estimation. In T. Kuo and D. B. Whalley, editors, Proceedings of the 17th ACM SIGPLAN/SIGBED Conference on Languages, Compilers, Tools, and Theory for Embedded Systems, LCTES 2016, Santa Barbara, CA, USA, June 13-14, 2016, pages 72-81. ACM, 2016. doi: 10.1145/2907950.2907961. URL https://doi.org/10.1145/2907950.2907961. Google ScholarGoogle ScholarDigital LibraryDigital Library
  65. A. Moshovos and G. S. Sohi. Memory dependence speculation tradeofs in centralized, continuous-window superscalar processors. In Proceedings of the Sixth International Symposium on High-Performance Computer Architecture, Toulouse, France, January 8-12, 2000, pages 301-312, 2000.Google ScholarGoogle Scholar
  66. S. Nilizadeh, Y. Noller, and C. S. Pasareanu. Difuzz: diferential fuzzing for side-channel analysis. In Proceedings of the 41st International Conference on Software Engineering, ICSE 2019, Montreal, QC, Canada, May 25-31, 2019, pages 176-187, 2019.Google ScholarGoogle Scholar
  67. O. Oleksenko, B. Trach, M. Silberstein, and C. Fetzer. Specfuzz: Bringing spectre-type vulnerabilities to the surface. In S. Capkun and F. Roesner, editors, 29th USENIX Security Symposium, USENIX Security 2020, August 12-14, 2020, pages 1481-1498. USENIX Association, 2020.Google ScholarGoogle Scholar
  68. S. Önder and R. Gupta. Dynamic memory disambiguation in the presence of out-of-order store issuing. In Proceedings of the 32nd Annual IEEE/ACM International Symposium on Microarchitecture, MICRO 32, Haifa, Israel, November 16-18, 1999, pages 170-176, 1999.Google ScholarGoogle ScholarCross RefCross Ref
  69. OpenSSL. OpenSSL-1. 1.1c. https://mta.openssl.org/pipermail/openssl-announce/2019-May/000153.html, 2019.Google ScholarGoogle Scholar
  70. Y. Oren, V. P. Kemerlis, S. Sethumadhavan, and A. D. Keromytis. The spy in the sandbox: Practical cache attacks in javascript and their implications. In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, CCS '15, page 1406-1418, New York, NY, USA, 2015. Association for Computing Machinery. ISBN 9781450338325. doi: 10.1145/2810103.2813708. URL https://doi.org/10.1145/2810103.2813708. Google ScholarGoogle ScholarDigital LibraryDigital Library
  71. D. A. Osvik, A. Shamir, and E. Tromer. Cache attacks and countermeasures: The case of AES. In Topics in Cryptology-CT-RSA 2006, The Cryptographers' Track at the RSA Conference 2006, San Jose, CA, USA, February 13-17, 2006, Proceedings, pages 1-20, 2006.Google ScholarGoogle Scholar
  72. V. S. Pai, P. Ranganathan, and S. V. Adve. Rsim: An execution-driven simulator for ilp-based shared-memory multiprocessors and uniprocessors. IEEE Technical Committee on Computer Architecture Newsletter, 1997.Google ScholarGoogle Scholar
  73. C. S. Pasareanu and N. Rungta. Symbolic pathfinder: symbolic execution of java bytecode. In ASE 2010, 25th IEEE/ACM International Conference on Automated Software Engineering, Antwerp, Belgium, September 20-24, 2010, pages 179-180, 2010.Google ScholarGoogle ScholarDigital LibraryDigital Library
  74. Q. Phan, L. Bang, C. S. Pasareanu, P. Malacaria, and T. Bultan. Synthesis of adaptive side-channel attacks. IACR Cryptology ePrint Archive, 2017 : 401, 2017.Google ScholarGoogle Scholar
  75. S. Poeplau and A. Francillon. Systematic comparison of symbolic execution systems: intermediate representation and its generation. In Proceedings of the 35th Annual Computer Security Applications Conference, ACSAC 2019, San Juan, PR, USA, December 09-13, 2019, pages 163-176, 2019.Google ScholarGoogle ScholarDigital LibraryDigital Library
  76. S. Poeplau and A. Francillon. Symbolic execution with symcc: Don't interpret, compile! In S. Capkun and F. Roesner, editors, 29th USENIX Security Symposium, USENIX Security 2020, August 12-14, 2020, pages 181-198. USENIX Association, 2020.Google ScholarGoogle Scholar
  77. C. Rapier and B. Bennett. High speed bulk data transfer using the SSH protocol. In Proceedings of the 15th ACM Mardi Gras conference: From lightweight mash-ups to lambda grids: Understanding the spectrum of distributed computing requirements, applications, tools, infrastructures, interoperability, and the incremental adoption of key capabilities, Baton Rouge, Louisiana, USA, January 29-February 3, 2008, page 11, 2008.Google ScholarGoogle Scholar
  78. F. Saudel and J. Salwan. Triton: A Dynamic Binary Analysis Framework. https://triton.quarkslab.com/, 2013.Google ScholarGoogle Scholar
  79. E. Schnarr and J. R. Larus. Fast out-of-order processor simulation using memoization. ACM SIGPLAN Notices, 33 ( 11 ): 283-294, 1998.Google ScholarGoogle Scholar
  80. T. Sha, M. M. K. Martin, and A. Roth. Scalable store-load forwarding via store queue index prediction. In 38th Annual IEEE/ACM International Symposium on Microarchitecture, 12-16 November 2005, Barcelona, Spain, pages 159-170, 2005.Google ScholarGoogle ScholarDigital LibraryDigital Library
  81. J. U. Skakkebaek, R. B. Jones, and D. L. Dill. Formal verification of out-of-order execution using incremental flushing. In International Conference on Computer Aided Verification, pages 98-109. Springer, 1998.Google ScholarGoogle ScholarCross RefCross Ref
  82. J. E. Smith and A. R. Pleszkun. Implementation of precise interrupts in pipelined processors. In Proceedings of the 12th Annual Symposium on Computer Architecture, Boston, MA, USA, June 1985, pages 36-44, 1985.Google ScholarGoogle ScholarDigital LibraryDigital Library
  83. N. Stephens, J. Grosen, C. Salls, A. Dutcher, R. Wang, J. Corbetta, Y. Shoshitaishvili, C. Kruegel, and G. Vigna. Driller: Augmenting fuzzing through selective symbolic execution. In 23rd Annual Network and Distributed System Security Symposium, NDSS 2016, San Diego, California, USA, February 21-24, 2016, 2016.Google ScholarGoogle ScholarCross RefCross Ref
  84. Tegra. Kernel tree for NVIDIA Tegra family SOICs on Android. https://android.googlesource.com/kernel/tegra/+/android8.1.0_r0.113/crypto, 2018.Google ScholarGoogle Scholar
  85. G. Wang, S. Chattopadhyay, A. K. Biswas, T. Mitra, and A. Roychoudhury. Kleespectre: Detecting information leakage through speculative cache attacks via symbolic execution. ACM Trans. Softw. Eng. Methodol., 29 ( 3 ): 14 : 1-14 : 31, 2020. doi: 10.1145/3385897. URL https://doi.org/10.1145/3385897. Google ScholarGoogle ScholarDigital LibraryDigital Library
  86. S. Wang, P. Wang, X. Liu, D. Zhang, and D. Wu. Cached: Identifying cache-based timing channels in production software. In E. Kirda and T. Ristenpart, editors, 26th USENIX Security Symposium, USENIX Security 2017, Vancouver, BC, Canada, August 16-18, 2017, pages 235-252. USENIX Association, 2017.Google ScholarGoogle Scholar
  87. S. Wang, Y. Bao, X. Liu, P. Wang, D. Zhang, and D. Wu. Identifying cache-based side channels through secret-augmented abstract interpretation. In 28th USENIX Security Symposium, USENIX Security 2019, Santa Clara, CA, USA, August 14-16, 2019, pages 657-674, 2019.Google ScholarGoogle Scholar
  88. O. Weisse, J. Van Bulck, M. Minkin, D. Genkin, B. Kasikci, F. Piessens, M. Silberstein, R. Strackx, T. F. Wenisch, and Y. Yarom. Foreshadow-NG: Breaking the virtual memory abstraction with transient out-of-order execution. Technical report, 2018.Google ScholarGoogle Scholar
  89. J. Wichelmann, A. Moghimi, T. Eisenbarth, and B. Sunar. Microwalk: A framework for finding side channels in binaries. In Proceedings of the 34th Annual Computer Security Applications Conference, ACSAC 2018, San Juan, PR, USA, December 03-07, 2018, pages 161-173, 2018.Google ScholarGoogle ScholarDigital LibraryDigital Library
  90. R. Wilhelm, S. Altmeyer, C. Burguière, D. Grund, J. Herter, J. Reineke, B. Wachter, and S. Wilhelm. Static timing analysis for hard real-time systems. In International Workshop on Verification, Model Checking, and Abstract Interpretation, pages 3-22, 2010.Google ScholarGoogle ScholarDigital LibraryDigital Library
  91. M. Wu and C. Wang. Abstract interpretation under speculative execution. In ACM SIGPLAN Conference on Programming Language Design and Implementation, pages 57-69, 2019.Google ScholarGoogle ScholarDigital LibraryDigital Library
  92. Y. Xiao, M. Li, S. Chen, and Y. Zhang. Stacco: Diferentially analyzing side-channel traces for detecting ssl/tls vulnerabilities in secure enclaves. In Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, CCS '17, page 859-874, New York, NY, USA, 2017. Association for Computing Machinery. ISBN 9781450349468. doi: 10.1145/3133956.3134016. URL https://doi.org/10.1145/3133956.3134016. Google ScholarGoogle ScholarDigital LibraryDigital Library
  93. Y. Yang, X. Chen, G. Gopalakrishnan, and R. M. Kirby. Eficient stateful dynamic partial order reduction. In Model Checking Software, 15th International SPIN Workshop, Los Angeles, CA, USA, August 10-12, 2008, Proceedings, pages 288-305, 2008.Google ScholarGoogle Scholar
  94. Y. Yang, X. Chen, G. Gopalakrishnan, and R. M. Kirby. Distributed dynamic partial order reduction. STTT, 12 ( 2 ): 113-122, 2010.Google ScholarGoogle Scholar
  95. Y. Yarom and K. Falkner. FLUSH+ RELOAD: A high resolution, low noise, L3 cache side-channel attack. In Proceedings of the 23rd USENIX Security Symposium, San Diego, CA, USA, August 20-22, 2014., pages 719-732, 2014.Google ScholarGoogle Scholar
  96. J. Yu, L. Hsiung, M. E. Hajj, and C. W. Fletcher. Data oblivious ISA extensions for side channel-resistant and high performance computing. In 26th Annual Network and Distributed System Security Symposium, NDSS 2019, San Diego, California, USA, February 24-27, 2019, 2019.Google ScholarGoogle ScholarCross RefCross Ref
  97. Y. Zhang, A. Juels, A. Oprea, and M. K. Reiter. Homealone: Co-residency detection in the cloud via side-channel analysis. In 2011 IEEE symposium on security and privacy, pages 313-328. IEEE, 2011.Google ScholarGoogle ScholarDigital LibraryDigital Library

Index Terms

  1. Exposing cache timing side-channel leaks through out-of-order symbolic execution

      Recommendations

      Comments

      Login options

      Check if you have access through your login credentials or your institution to get full access on this article.

      Sign in

      Full Access

      PDF Format

      View or Download as a PDF file.

      PDF

      eReader

      View online with eReader.

      eReader
      About Cookies On This Site

      We use cookies to ensure that we give you the best experience on our website.

      Learn more

      Got it!