skip to main content
research-article
Open Access

Interpretable noninterference measurement and its application to processor designs

Published:15 October 2021Publication History
Skip Abstract Section

Abstract

Noninterference measurement quantifies the secret information that might leak to an adversary from what the adversary can observe and influence about the computation. Static and high-fidelity noninterference measurement has been difficult to scale to complex computations, however. This paper scales a recent framework for noninterference measurement to the open-source RISC-V BOOM core as specified in Verilog, through three key innovations: logically characterizing the core’s execution incrementally, applying specific optimizations between each cycle; permitting information to be declassified, to focus leakage measurement to only secret information that cannot be inferred from the declassified information; and interpreting leakage measurements for the analyst in terms of simple rules that characterize when leakage occurs. Case studies on cache-based side channels generally, and on specific instances including Spectre attacks, show that the resulting toolchain, called DINoMe, effectively scales to this modern processor design.

Skip Supplemental Material Section

Supplemental Material

Auxiliary Presentation Video

This is a presentation video of our talk at OOPSLA 2021 on our paper accepted in the research track. In this paper, we presents a recent framework for noninterference measurement to the open-source RISC-V BOOM core as specified in Verilog, through three key innovations: logically characterizing the core’s execution incrementally, applying specific optimizations between each cycle; permitting information to be declassified, to focus leakage measurement to only secret information that cannot be inferred from the declassified information; and interpreting leakage measurements for the analyst in terms of simple rules that characterize when leakage occurs. Case studies on cache-based side channels generally, and on specific instances including Spectre attacks, show that the resulting toolchain, called DINoMe, effectively scales to this modern processor design.

References

  1. 2018. Intel Analysis of Speculative Execution Side Channels. Intel Corp.. https://www.intel.com/content/www/us/en/architecture-and-technology/intel-analysis-of-speculative-execution-side-channels-paper.htmlGoogle ScholarGoogle Scholar
  2. O. Aciiçmez. 2007. Yet another microarchitectural attack: Exploiting I-cache. In ACM Workshop on Computer Security Architecture. 11–18. https://doi.org/10.1145/1314466.1314469 Google ScholarGoogle ScholarDigital LibraryDigital Library
  3. J. B. Almeida, M. Barbosa, G. Barthe, F. Dupressoir, and M. Emmi. 2016. Verifying constant-time implementations. In 25superscript th USENIX Security Symposium. 53–70. Google ScholarGoogle ScholarDigital LibraryDigital Library
  4. R. A. Aziz, G. Chu, C. Muise, and P. Stuckey. 2015. #∃ SAT: Projected Model Counting. In 18superscript th International Conference on Theory and Applications of Satisfiability Testing (LNCS). 121–137. https://doi.org/10.1007/978-3-319-24318-4_10 Google ScholarGoogle ScholarCross RefCross Ref
  5. M. Backes, B. Kopf, and A. Rybalchenko. 2009. Automatic discovery and quantification of information leaks. In 30superscript th IEEE Symposium on Security and Privacy. 141–153. https://doi.org/10.1109/SP.2009.18 Google ScholarGoogle ScholarDigital LibraryDigital Library
  6. T. Ball, B. Cook, V. Levin, and S. K. Rajamani. 2004. SLAM and Static Driver Verifier: Technology transfer of formal methods inside Microsoft. In 4superscript th International Conference on Integrated Formal Methods (LNCS, Vol. 2999). 1–20. https://doi.org/10.1007/978-3-540-24756-2_1 Google ScholarGoogle ScholarCross RefCross Ref
  7. A. Banerjee, D. A. Naumann, and S. Rosenberg. 2008. Expressive declassification policies and modular static enforcement. In 29superscript th IEEE Symposium on Security and Privacy. 339–353. https://doi.org/10.1109/SP.2008.20 Google ScholarGoogle ScholarDigital LibraryDigital Library
  8. G. Barthe, G. Betarte, J. Campo, C. Luna, and D. Pichardie. 2014. System-level non-interference for constant-time cryptography. In 21superscript st ACM Conference on Computer and Communications Security. 1267–1279. https://doi.org/10.1145/2660267.2660283 Google ScholarGoogle ScholarDigital LibraryDigital Library
  9. D. J. Bernstein, J. Breitner, D. Genkin, L. G. Bruinderink, N. Heninger, T. Lange, C. V. Vredendaal, and T. Yarom. 2017. Sliding right into disaster: Left-to-right sliding windows leak. In 19superscript th International Conference on Cryptographic Hardware and Embedded Systems (LNCS, Vol. 10529). 555–576. https://doi.org/10.1007/978-3-319-66787-4_27 Google ScholarGoogle ScholarCross RefCross Ref
  10. S. Blazy, D. Pichardie, and A. Trieu. 2019. Verifying constant-time implementations by abstract interpretation. Journal of Computer Security, 27, 1 (2019), 137–163. https://doi.org/10.1007/978-3-319-66402-6_16 Google ScholarGoogle ScholarCross RefCross Ref
  11. C. Celio, P. Chiu, B. Nikolic, D. A. Patterson, and K. Asanovic. 2017. BOOMv2: an open-source out-of-order RISC-V core. In 1superscript st Workshop on Computer Architecture Research with RISC-V (CARRV).Google ScholarGoogle Scholar
  12. S. Chakraborty, K. S. Meel, and M. Y. Vardi. 2013. A scalable approximate model counter. In Principles and Practice of Constraint Programming (LNCS, Vol. 8124). 200–216. https://doi.org/10.1007/978-3-642-40627-0_18 Google ScholarGoogle ScholarCross RefCross Ref
  13. P. Chapman and D. Evans. 2011. Automated black-box detection of side-channel vulnerabilities in web applications. In 18superscript th ACM Conference on Computer and Communications Security. 263–274. https://doi.org/10.1145/2046707.2046737 Google ScholarGoogle ScholarDigital LibraryDigital Library
  14. S. Chattopadhyay, M. Beck, A. Rezine, and A. Zeller. 2017. Quantifying the Information Leak in Cache Attacks via Symbolic Execution. In 15superscript th ACM International Conference on Formal Methods and Models for System Design. New York, NY, USA. 25–35. isbn:978-1-4503-5093-8 https://doi.org/10.1145/3288758 Google ScholarGoogle ScholarDigital LibraryDigital Library
  15. S. Chattopadhyay and A. Roychoudhury. 2018. Symbolic verification of cache side-channel freedom. IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems, 37, 11 (2018), 2812–2823. https://doi.org/10.1109/TCAD.2018.2858402 Google ScholarGoogle ScholarCross RefCross Ref
  16. C. Chen, K. Lin, C. Rudin, Y. Shaposhnik, S. Wang, and T. Wang. 2018. An Interpretable Model with Globally Consistent Explanations for Credit Risk. arxiv:cs.LG/1811.12615.Google ScholarGoogle Scholar
  17. T. Chen and C. Guestrin. 2016. Xgboost: A scalable tree boosting system. In 22superscript rd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. 785–794. https://doi.org/10.1145/2939672.2939785 Google ScholarGoogle ScholarDigital LibraryDigital Library
  18. S. Chong and A. C. Myers. 2004. Security policies for downgrading. In 11superscript th ACM conference on Computer and communications security. 198–209. https://doi.org/10.1145/1030083.1030110 Google ScholarGoogle ScholarDigital LibraryDigital Library
  19. W. W. Cohen and Y. Singer. 1999. A simple, fast, and effective rule learner. 16superscript th AAAI Conference on Artificial Intelligence, 99 (1999), 335–342. https://doi.org/10.5555/315149.315320 Google ScholarGoogle ScholarDigital LibraryDigital Library
  20. G. Doychev, B. Köpf, L. Mauborgne, and J. Reineke. 2013. CacheAudit: A tool for the static analysis of cache side channels. In 22superscript nd USENIX Security Symposium. 431–446. Google ScholarGoogle ScholarDigital LibraryDigital Library
  21. B. Dutertre. 2015. Solving exists/forall problems with yices. In Workshop on satisfiability modulo theories.Google ScholarGoogle Scholar
  22. C. Dwork, F. McSherry, K. Nissim, and A. Smith. 2006. Calibrating Noise to Sensitivity in Private Data Analysis. In 3superscript rd Theory of Cryptography Conference (LNCS, Vol. 3876). 265–284. https://doi.org/10.1007/11681878_14 Google ScholarGoogle ScholarDigital LibraryDigital Library
  23. J. Fan. 1993. Local linear regression smoothers and their minimax efficiencies. The Annals of Statistics, 196–216. https://doi.org/10.1214/aos/1176349022 Google ScholarGoogle ScholarCross RefCross Ref
  24. R. Fan, K. Chang, C. Hsieh, X. Wang, and C. Lin. 2008. LIBLINEAR: A library for large linear classification. Journal of Machine Learning Research, 9, Aug (2008), 1871–1874. https://doi.org/10.5555/1390681.1442794 Google ScholarGoogle ScholarDigital LibraryDigital Library
  25. A. Ferraiuolo, R. Xu, D. Zhang, A. C. Myers, and G.E. Suh. 2017. Verification of a practical hardware security architecture through static information flow analysis. In 22superscript nd International Conference on Architectural Support for Programming Languages and Operating Systems. 555–568. https://doi.org/10.1145/3093337.3037739 Google ScholarGoogle ScholarDigital LibraryDigital Library
  26. M. Fokkema. 2020. Fitting Prediction Rule Ensembles with R Package pre. Journal of Statistical Software, 92, 12 (2020), 1–30. issn:1548-7660 https://doi.org/10.18637/jss.v092.i12 Google ScholarGoogle ScholarCross RefCross Ref
  27. J. H. Friedman. 2001. Greedy function approximation: a gradient boosting machine. Annals of Statistics, 1189–1232.Google ScholarGoogle ScholarCross RefCross Ref
  28. J. H. Friedman and B. E. Popescu. 2008. Predictive learning via rule ensembles. The Annals of Applied Statistics, 2, 3 (2008), 916–954. https://doi.org/10.1214/07-AOAS148 Google ScholarGoogle ScholarCross RefCross Ref
  29. R. Giacobazzi and I. Mastroeni. 2004. Abstract non-interference: Parameterizing non-interference by abstract interpretation. ACM SIGPLAN Notices, 39, 1 (2004), 186–197. https://doi.org/10.1145/982962.964017 Google ScholarGoogle ScholarDigital LibraryDigital Library
  30. R. Giacobazzi and I. Mastroeni. 2018. Abstract non-interference: a unifying framework for weakening information-flow. ACM Transactions on Privacy and Security (TOPS), 21, 2 (2018), 1–31. https://doi.org/10.1145/3175660 Google ScholarGoogle ScholarDigital LibraryDigital Library
  31. K. V. Gleissenthall, R. G. Kıcı, D. Stefan, and R. Jhala. 2019. IODINE: Verifying Constant-Time Execution of Hardware. In 28superscript th USENIX Security Symposium. 1411–1428. isbn:978-1-939133-06-9 Google ScholarGoogle ScholarDigital LibraryDigital Library
  32. P. Godefroid, M. Y. Levin, and D. Molnar. 2012. SAGE: Whitebox Fuzzing for Security Testing. Queue, 10, 1 (2012), 20–27. issn:1542-7730 https://doi.org/10.1145/2090147.2094081 Google ScholarGoogle ScholarDigital LibraryDigital Library
  33. J. A. Goguen and J. Meseguer. 1982. Security policies and security models. In 3superscript rd IEEE Symposium on Security and Privacy. 11–20. https://doi.org/10.1109/SP.1982.10014 Google ScholarGoogle ScholarCross RefCross Ref
  34. J. W. Gray. 1991. Toward a mathematical foundation for information flow security. In 12superscript nd IEEE Symposium on Security and Privacy. 21–34. https://doi.org/10.1109/RISP.1991.130769 Google ScholarGoogle ScholarCross RefCross Ref
  35. X. Guo, R. G. Dutta, J. He, M. M. Tehranipoor, and Y. Jin. 2019. QIF-Verilog: Quantitative Information-Flow based Hardware Description Languages for Pre-Silicon Security Assessment. In IEEE International Symposium on Hardware Oriented Security and Trust. 91–100. https://doi.org/10.1109/HST.2019.8740840 Google ScholarGoogle ScholarCross RefCross Ref
  36. J. Kelsey. 2002. Compression and information leakage of plaintext. In 9superscript th International Workshop on Fast Software Encryption. 263–276. https://doi.org/10.1007/3-540-45661-9_21 Google ScholarGoogle ScholarDigital LibraryDigital Library
  37. P. Kocher, J. Horn, A. Fogh, D. Genkin, D. Gruss, W. Haas, M. Hamburg, M. Lipp, S. Mangard, and T. Prescher. 2019. Spectre attacks: Exploiting speculative execution. In 40superscript th IEEE Symposium on Security and Privacy. 1–19. https://doi.org/10.1109/SP.2019.00002 Google ScholarGoogle ScholarCross RefCross Ref
  38. M. Lipp, M. Schwarz, D. Gruss, T. Prescher, W. Haas, A. Fogh, J. Horn, S. Mangard, P. Kocher, S. Genkin, Y. Yarom, and M. Hamburg. 2018. Meltdown: Reading Kernel Memory from User Space. In 27superscript th USENIX Security Symposium. 973–990. Google ScholarGoogle ScholarDigital LibraryDigital Library
  39. P. Malacaria, MHR. Khouzani, C. S. Pasareanu, Q. Phan, and K. Luckow. 2018. Symbolic Side-Channel Analysis for Probabilistic Programs. In 31superscript st IEEE Computer Security Foundations Symposium. 313–327. https://doi.org/10.1109/CSF.2018.00030 Google ScholarGoogle ScholarCross RefCross Ref
  40. M. McCall, H. Zhang, and L. Jia. 2018. Knowledge-Based Security of Dynamic Secrets for Reactive Programs. In 31superscript st IEEE Computer Security Foundations Symposium. 175–188. https://doi.org/10.1109/CSF.2018.00020 Google ScholarGoogle ScholarCross RefCross Ref
  41. C. Molnar. 2019. Interpretable Machine Learning. https://christophm.github.io/interpretable-ml-book/Google ScholarGoogle Scholar
  42. S. Nilizadeh, Y. Noller, and C. S. Păsăreanu. 2019. DifFuzz: Differential Fuzzing for Side-Channel Analysis. In 41superscript st International Conference on Software Engineering. 176–187. https://doi.org/10.1109/ICSE.2019.00034 Google ScholarGoogle ScholarDigital LibraryDigital Library
  43. O. Oleksii, T. Bohdan, S. Mark, and F. Christof. 2020. SpecFuzz: Bringing Spectre-type vulnerabilities to the surface. In 29superscript th USENIX Security Symposium. Google ScholarGoogle ScholarDigital LibraryDigital Library
  44. D. A. Osvik, A. Shamir, and E. Tromer. 2006. Cache attacks and countermeasures: The case of AES. In Topics in Cryptology – CT-RSA (LNCS, Vol. 3860). 1–20. https://doi.org/10.1007/11605805_1 Google ScholarGoogle ScholarDigital LibraryDigital Library
  45. C. Percival. 2005. Cache missing for fun and profit. In BSDCan 2005. https://doi.org/10.1.1.187.8383Google ScholarGoogle Scholar
  46. Q. Phan and P. Malacaria. 2014. Abstract model counting: A novel approach for quantification of information leaks. In 9superscript th ACM Symposium on Information, Computer and Communications Security. 283–292. https://doi.org/10.1145/2590296.2590328 Google ScholarGoogle ScholarDigital LibraryDigital Library
  47. A. Pnueli, Y. Rodeh, O. Strichman, and M. Siegel. 2002. The small model property: How small can it be? Information and Computation, 178, 1 (2002), 279–293. https://doi.org/10.1016/S0890-5401(02)93175-5 Google ScholarGoogle ScholarDigital LibraryDigital Library
  48. M. T. Ribeiro, S. Singh, and C. Guestrin. 2016. “Why should I trust you?”: Explaining the predictions of any classifier. In 22superscript nd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. 1135–1144. https://doi.org/10.1145/2939672.2939778 Google ScholarGoogle ScholarDigital LibraryDigital Library
  49. M. T. Ribeiro, S. Singh, and C. Guestrin. 2018. Anchors: High-precision model-agnostic explanations. In 32superscript rd AAAI Conference on Artificial Intelligence. 1527–1535. https://ojs.aaai.org/index.php/AAAI/article/view/11491Google ScholarGoogle Scholar
  50. A. Sabelfeld and A. C. Myers. 2003. A model for delimited information release. In 2superscript nd International Symposium on Software Security – Theories and Systems (LNCS, Vol. 3233). 174–191. https://doi.org/10.1007/978-3-540-37621-7_9 Google ScholarGoogle ScholarCross RefCross Ref
  51. A. Sabelfeld and D. Sands. 2009. Declassification: Dimensions and Principles. Journal of Computer Security, 517–548. https://doi.org/10.5555/1662658.1662659 Google ScholarGoogle ScholarDigital LibraryDigital Library
  52. S. Sahai, P. Subramanyan, and R. Sinha. 2020. Verification of Quantitative Hyperproperties Using Trace Enumeration Relations. In 32superscript nd International Conference on Computer Aided Verification (LNCS, Vol. 12224). 201–224. https://doi.org/10.1007/978-3-030-53288-8_11 Google ScholarGoogle ScholarCross RefCross Ref
  53. T. Seidenfeld. 1986. Entropy and uncertainty. Philosophy of Science, 53, 4 (1986), 467–491. https://doi.org/10.1086/289336 Google ScholarGoogle ScholarCross RefCross Ref
  54. G. Smith. 2009. On the Foundations of Quantitative Information Flow. In 12superscript th International Conference on Foundations of Software Science and Computational Structures (LNCS, Vol. 5504). 288–302. https://doi.org/10.1007/978-3-642-00596-1_21 Google ScholarGoogle ScholarCross RefCross Ref
  55. G. Smith. 2011. Quantifying Information Flow Using Min-Entropy. In 8superscript th International Conference on Quantitative Evaluation of Systems. 159–167. https://doi.org/10.1109/QEST.2011.31 Google ScholarGoogle ScholarDigital LibraryDigital Library
  56. Dawn Xiaodong Song, David Wagner, and Xuqing Tian. 2001. Timing Analysis of Keystrokes and Timing Attacks on SSH. In 10superscript th USENIX Security Symposium. Google ScholarGoogle ScholarDigital LibraryDigital Library
  57. M. Soos and K. S. Meel. 2019. BIRD: Engineering an Efficient CNF-XOR SAT Solver and its Applications to Approximate Model Counting. In 36superscript th AAAI Conference on Artificial Intelligence. 1592–1599. https://doi.org/10.1007/978-3-030-80223-3_37 Google ScholarGoogle ScholarCross RefCross Ref
  58. Qinhan Tan, Zhihua Zeng, Kai Bu, and Kui Ren. 2020. PhantomCache: Obfuscating Cache Conflicts with Localized Randomization. In 27superscript th Network and Distributed System Security Symposium. https://doi.org/10.14722/ndss.2020.24086 Google ScholarGoogle ScholarCross RefCross Ref
  59. T. Wang, T. Wei, Lin Z, and W. Zou. 2009. IntScope: Automatically Detecting Integer Overflow Vulnerability in x86 Binary Using Symbolic Execution. In 16superscript th Network and Distributed System Security Symposium. https://doi.org/10.1007/978-3-642-15497-3_5 Google ScholarGoogle ScholarCross RefCross Ref
  60. Z. Wang and R. B. Lee. 2007. New cache designs for thwarting software cache-based side channel attacks. In 34superscript th International Symposium on Computer Architecture. 494–505. https://doi.org/10.1145/1273440.1250723 Google ScholarGoogle ScholarDigital LibraryDigital Library
  61. M. Werner, T. Unterluggauer, L. Giner, M. Schwarz, D. Gruss, and S. Mangard. 2019. ScatterCache: Thwarting Cache Attacks via Cache Set Randomization. In 28superscript th USENIX Security Symposium. Santa Clara, CA. 675–692. isbn:978-1-939133-06-9 Google ScholarGoogle ScholarDigital LibraryDigital Library
  62. C. Wolf. [n.d.]. Yosys Open SYnthesis Suite. http://www.clifford.at/yosys/Google ScholarGoogle Scholar
  63. Y. Xiao, Y. Zhang, and R. Teodorescu. 2020. SPEECHMINER: A Framework for Investigating and Measuring Speculative Execution Vulnerabilities. In 27superscript th Network and Distributed System Security Symposium. https://doi.org/10.14722/ndss.2020.23105 Google ScholarGoogle ScholarCross RefCross Ref
  64. Y. Yarom and K. E. Falkner. 2014. FLUSH+RELOAD: A high resolution, low noise, L3 cache side-channel attack. In 23superscript rd USENIX Security Symposium. 719–732. Google ScholarGoogle ScholarDigital LibraryDigital Library
  65. H. Yasuoka and T. Terauchi. 2014. Quantitative information flow as safety and liveness hyperproperties. Theoretical Computer Science, 538 (2014), 167–182. https://doi.org/10.4204/EPTCS.85.6 Google ScholarGoogle ScholarCross RefCross Ref
  66. D. Zhang, Y. Wang, G. E. Suh, and A. C. Myers. 2015. A Hardware Design Language for Timing-Sensitive Information-Flow Security. In 20superscript th International Conference on Architectural Support for Programming Languages and Operating Systems. Association for Computing Machinery, New York, NY, USA. 503––516. https://doi.org/10.1145/2694344.2694372 Google ScholarGoogle ScholarDigital LibraryDigital Library
  67. K. Zhang, Z. Li, R. Wang, X. Wang, and S. Chen. 2010. Sidebuster: Automated detection and quantification of side-channel leaks in web application development. In 17superscript th ACM Conference on Computer and Communications Security. 595–606. https://doi.org/10.1145/1866307.1866374 Google ScholarGoogle ScholarDigital LibraryDigital Library
  68. R. Zhang, C. Deutschbein, P. Huang, and C. Sturton. 2018. End-to-End Automated Exploit Generation for Validating the Security of Processor Designs. In 51superscript st IEEE/ACM International Symposium on Microarchitecture. 815––827. https://doi.org/10.1109/MICRO.2018.00071 Google ScholarGoogle ScholarDigital LibraryDigital Library
  69. Y. Zhang, A. Juels, M. K. Reiter, and T. Ristenpart. 2012. Cross-VM side channels and their use to extract private keys. In 19superscript th ACM Conference on Computer and Communications Security. 305–316. https://doi.org/10.1145/2382196.2382230 Google ScholarGoogle ScholarDigital LibraryDigital Library
  70. Z. Zhou. 2020. Evaluating Information Leakage by Quantitative and Interpretable Measurements. Ph.D. Dissertation. The University of North Carolina at Chapel Hill.Google ScholarGoogle Scholar
  71. Z. Zhou, Z.Y Qian, M. K. Reiter, and Y. Zhang. 2018. Static Evaluation of Noninterference using Approximate Model Counting. In 39superscript th IEEE Symposium on Security and Privacy. 514–528. https://doi.org/10.1109/SP.2018.00052 Google ScholarGoogle ScholarCross RefCross Ref
  72. Z. Zhou, M. K. Reiter, and Y. Zhang. 2016. A Software Approach to Defeating Side Channels in Last-Level Caches. In 23superscript rd ACM Conference on Computer and Communications Security. 871–882. https://doi.org/10.1145/2976749.2978324 Google ScholarGoogle ScholarDigital LibraryDigital Library

Index Terms

  1. Interpretable noninterference measurement and its application to processor designs

      Recommendations

      Comments

      Login options

      Check if you have access through your login credentials or your institution to get full access on this article.

      Sign in

      Full Access

      • Article Metrics

        • Downloads (Last 12 months)65
        • Downloads (Last 6 weeks)7

        Other Metrics

      PDF Format

      View or Download as a PDF file.

      PDF

      eReader

      View online with eReader.

      eReader
      About Cookies On This Site

      We use cookies to ensure that we give you the best experience on our website.

      Learn more

      Got it!