posted on 2023-11-29, 18:07authored bySudipta Chattopadhyay, Moritz Beck, Ahmed Rezine, Andreas ZellerAndreas Zeller
Cache attacks allow attackers to infer the properties of a secret execution by observing cache hits and misses. But how much information can actually leak through such attacks? For a given program, a cache model, and an input, our CHALICE framework leverages symbolic execution to compute the amount of information that can possibly leak through cache attacks. At the core of CHALICE is a novel approach to quantify information leakage that can highlight critical cache side-channel leakage on arbitrary binary code. In our evaluation on real-world programs from OpenSSL and Linux GDK libraries, CHALICE effectively quantifies information leakage: For an AES-128 implementation on Linux, for instance, CHALICE finds that a cache attack can leak as much as 127 out of 128 bits of the encryption key.
History
Preferred Citation
Sudipta Chattopadhyay, Moritz Beck, Ahmed Rezine and Andreas Zeller. Quantifying the Information Leakage in Cache Attacks via Symbolic Execution. In: ACM Transactions on Embedded Computing Systems. 2019.
Primary Research Area
Threat Detection and Defenses
Legacy Posted Date
2020-05-26
Journal
ACM Transactions on Embedded Computing Systems
Open Access Type
Unknown
Sub Type
Article
BibTeX
@article{cispa_all_3066,
title = "Quantifying the Information Leakage in Cache Attacks via Symbolic Execution",
author = "Chattopadhyay, Sudipta and Beck, Moritz and Rezine, Ahmed and Zeller, Andreas",
journal="{ACM Transactions on Embedded Computing Systems}",
year="2019",
}