Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Zhu, Yiming, Huang, Wenchao, Xiong, Yan
Format: Preprint
Veröffentlicht: 2024
Schlagworte:
Online-Zugang:https://arxiv.org/abs/2408.16220
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
_version_ 1866918048923910144
author Zhu, Yiming
Huang, Wenchao
Xiong, Yan
author_facet Zhu, Yiming
Huang, Wenchao
Xiong, Yan
contents Spectre v1 attacks pose a substantial threat to security-critical software, particularly cryptographic implementations. Existing software mitigations, however, often introduce excessive overhead by indiscriminately hardening instructions without assessing their vulnerability. We propose an analysis framework that employs a novel fixpoint algorithm to detect Spectre vulnerabilities and apply targeted hardening. The fixpoint algorithm accounts for program behavior changes induced by stepwise hardening, enabling precise, sound and efficient vulnerability detection. This framework also provides flexibility for diverse hardening strategies and attacker models, enabling customized targeted hardening. We instantiate the framework as LightSLH, which hardens program with provable security. We evaluate LightSLH on cryptographic algorithms from OpenSSL, Libsodium, NaCL and PQClean. Across all experimental cases, LightSLH provides the lowest overhead among current provable protection strategies, including 0\% overhead in 50\% cases. Notably, the analysis of LightSLH reveals two previously unknown security issues: (1) The compiler can introduce risks overlooked by LLSCT, a hardening method proven secure at the LLVM IR level. We successfully construct a side channel by exploiting compiler-inserted stack loads, confirming this risk. (2) Memory access patterns generated by the scatter-gather algorithm still depend on secrets, even for observers with cache line granularity. These findings and results highlight the importance of applying accurate protections to specific instructions.
format Preprint
id arxiv_https___arxiv_org_abs_2408_16220
institution arXiv
publishDate 2024
record_format arxiv
spellingShingle Place Protections at the Right Place: Targeted Hardening for Cryptographic Code against Spectre v1
Zhu, Yiming
Huang, Wenchao
Xiong, Yan
Cryptography and Security
Spectre v1 attacks pose a substantial threat to security-critical software, particularly cryptographic implementations. Existing software mitigations, however, often introduce excessive overhead by indiscriminately hardening instructions without assessing their vulnerability. We propose an analysis framework that employs a novel fixpoint algorithm to detect Spectre vulnerabilities and apply targeted hardening. The fixpoint algorithm accounts for program behavior changes induced by stepwise hardening, enabling precise, sound and efficient vulnerability detection. This framework also provides flexibility for diverse hardening strategies and attacker models, enabling customized targeted hardening. We instantiate the framework as LightSLH, which hardens program with provable security. We evaluate LightSLH on cryptographic algorithms from OpenSSL, Libsodium, NaCL and PQClean. Across all experimental cases, LightSLH provides the lowest overhead among current provable protection strategies, including 0\% overhead in 50\% cases. Notably, the analysis of LightSLH reveals two previously unknown security issues: (1) The compiler can introduce risks overlooked by LLSCT, a hardening method proven secure at the LLVM IR level. We successfully construct a side channel by exploiting compiler-inserted stack loads, confirming this risk. (2) Memory access patterns generated by the scatter-gather algorithm still depend on secrets, even for observers with cache line granularity. These findings and results highlight the importance of applying accurate protections to specific instructions.
title Place Protections at the Right Place: Targeted Hardening for Cryptographic Code against Spectre v1
topic Cryptography and Security
url https://arxiv.org/abs/2408.16220