Quantifying the Information Leakage in Cache Attacks via Symbolic Execution
journal contribution
posted on 2023-11-29, 18:07 authored by Sudipta Chattopadhyay, Moritz Beck, Ahmed Rezine, Andreas ZellerAndreas ZellerCache attacks allow attackers to infer the properties of a secret execution by observing cache hits and misses. But how much information can actually leak through such attacks? For a given program, a cache model, and an input, our CHALICE framework leverages symbolic execution to compute the amount of information that can possibly leak through cache attacks. At the core of CHALICE is a novel approach to quantify information leakage that can highlight critical cache side-channel leakage on arbitrary binary code. In our evaluation on real-world programs from OpenSSL and Linux GDK libraries, CHALICE effectively quantifies information leakage: For an AES-128 implementation on Linux, for instance, CHALICE finds that a cache attack can leak as much as 127 out of 128 bits of the encryption key.<p></p>
History
Preferred Citation
Sudipta Chattopadhyay, Moritz Beck, Ahmed Rezine and Andreas Zeller. Quantifying the Information Leakage in Cache Attacks via Symbolic Execution. In: ACM Transactions on Embedded Computing Systems. 2019.Primary Research Area
- Threat Detection and Defenses
Legacy Posted Date
2020-05-26Journal
ACM Transactions on Embedded Computing SystemsOpen Access Type
- Unknown
Sub Type
- Article
BibTeX
@article{cispa_all_3066, title = "Quantifying the Information Leakage in Cache Attacks via Symbolic Execution", author = "Chattopadhyay, Sudipta and Beck, Moritz and Rezine, Ahmed and Zeller, Andreas", journal="{ACM Transactions on Embedded Computing Systems}", year="2019", }Usage metrics
Categories
No categories selectedKeywords
Licence
Exports
RefWorks
BibTeX
Ref. manager
Endnote
DataCite
NLM
DC