Automatic and Incremental Repair for Speculative Information Leaks.

Bard, Joachim; Jacobs, Swen; Vizel, Yakir

doi:10.60882/cispa.28839053.v1

Automatic and Incremental Repair for Speculative Information Leaks.

conference contribution

posted on 2025-04-22, 08:39 authored by Joachim BardJoachim Bard, Swen JacobsSwen Jacobs, Yakir Vizel

We present CURESPEC, the first model-checking based framework for automatic repair of programs with respect to information leaks in the presence of side-channels and speculative execution. CURESPEC is based on formal models of attacker capabilities, including observable side channels, inspired by the SPECTRE-PHT attacks. For a given attacker model, CURESPEC is able to either prove that the program is secure, or detect potential side-channel vulnerabilities and automatically insert mitigations such that the resulting code is provably secure. Moreover, CURESPEC can provide a certificate for the security of the program that can be independently checked. We have implemented CURESPEC in the SeaHorn framework and show that it can effectively repair security-critical code, for example the AES encryption from the OpenSSL library.

History

Editor

Dimitrova R ; Lahav O ; Wolff S

Primary Research Area

Reliable Security Guarantees

Name of Conference

International Conference on Verification Model Checking and Abstract Interpretation (VMCAI)

CISPA Affiliation

Yes

Journal

Verification, Model Checking, and Abstract Interpretation

Volume

14500

Page Range

291-313

Publisher

Springer

Open Access Type

Not Open Access

BibTeX

@inproceedings{Bard:Jacobs:Vizel:2024, title = "Automatic and Incremental Repair for Speculative Information Leaks.", author = "Bard, Joachim" AND "Jacobs, Swen" AND "Vizel, Yakir", editor = "Dimitrova, Rayna" AND "Lahav, Ori" AND "Wolff, Sebastian", year = 2024, month = 1, journal = "Verification, Model Checking, and Abstract Interpretation", pages = "291--313", publisher = "Springer", issn = "1611-3349", doi = "10.1007/978-3-031-50521-8_14" }