Semi-Automated and Easily Interpretable Side-Channel Analysis for Modern JavaScript
| Title: | Semi-Automated and Easily Interpretable Side-Channel Analysis for Modern JavaScript |
|---|---|
| Authors: | Fayolle, Iliana; Wichelmann, Jan; Köhl, Anja; Rudametkin, Walter; Eisenbarth, Thomas; Maurice, Clémentine |
| Contributors: | Self-adaptation for distributed services and large software systems (SPIRALS), Centre Inria de l'Université de Lille, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria)-Centre de Recherche en Informatique, Signal et Automatique de Lille - UMR 9189 (CRIStAL), Centrale Lille-Université de Lille-Centre National de la Recherche Scientifique (CNRS)-Centrale Lille-Université de Lille-Centre National de la Recherche Scientifique (CNRS), Universität zu Lübeck = University of Lübeck Lübeck, Diversity-centric Software Engineering (DiverSe), Centre Inria de l'Université de Rennes, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria)-LANGAGE ET GÉNIE LOGICIEL (IRISA-D4), Institut de Recherche en Informatique et Systèmes Aléatoires (IRISA), Université de Rennes (UR)-Institut National des Sciences Appliquées - Rennes (INSA Rennes), Institut National des Sciences Appliquées (INSA)-Institut National des Sciences Appliquées (INSA)-Université de Bretagne Sud (UBS)-École normale supérieure - Rennes (ENS Rennes)-Institut National de Recherche en Informatique et en Automatique (Inria)-CentraleSupélec-Centre National de la Recherche Scientifique (CNRS)-IMT Atlantique (IMT Atlantique), Institut Mines-Télécom Paris (IMT)-Institut Mines-Télécom Paris (IMT)-Université de Rennes (UR)-Institut National des Sciences Appliquées - Rennes (INSA Rennes), Institut Mines-Télécom Paris (IMT)-Institut Mines-Télécom Paris (IMT)-Institut de Recherche en Informatique et Systèmes Aléatoires (IRISA), Institut National des Sciences Appliquées (INSA)-Institut National des Sciences Appliquées (INSA)-Université de Bretagne Sud (UBS)-École normale supérieure - Rennes (ENS Rennes)-CentraleSupélec-Centre National de la Recherche Scientifique (CNRS)-IMT Atlantique (IMT Atlantique), Institut Mines-Télécom Paris (IMT)-Institut Mines-Télécom Paris (IMT), ANR-21-CE39-0019, FACADES, Fingerprinting et exploration des attaques et défenses sur CPU depuis des scripts web (2021) |
| Source: | CANS 2024 - 23rd International Conference on Cryptology And Network Security ; https://hal.science/hal-04652991 ; CANS 2024 - 23rd International Conference on Cryptology And Network Security, Sep 2024, Cambridge, United Kingdom. pp.1-22 ; https://2024.cansconference.org/home |
| Publisher Information: | CCSD |
| Publication Year: | 2024 |
| Subject Terms: | Side channels, Vulnerabilities, Cryptography, Automated detection, Instrumentation, Constant Time, [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR] |
| Subject Geographic: | Cambridge, United Kingdom |
| Description: | International audience ; Over the years, developers have become increasingly reliant on web technologies to build their applications, raising concerns about side-channel attacks, especially on cryptographic libraries. Despite the efforts of researchers to ensure constant-time security by proposing tools and methods to find vulnerabilities, challenges remain due to inadequate tools and integration issues in development processes. We tackle the main limitations of state-of-the-art detection tools. While Microwalk is the first and, to the best of our knowledge, only tool to find side-channel vulnerabilities in JavaScript libraries, the instrumentation framework it relies on does not support modern JavaScript features. Moreover, and common to most state-of-the-art detection tools not aimed at JavaScript, writing tests is a tedious process due to the complexity of libraries, the lack of information about test coverage, and the rudimentary interpretability of the report. Furthermore, recent studies show that developers do not use these tools due to compatibility issues, poor usability, and a lack of integration into workflows. We extend Microwalk in several directions. First, we design a generic AST-level tracing technique that is tailored to source-based dynamic side-channel leakage analysis, providing support for the latest language features. Second, we bring semi-automation to Microwalk analysis templates, considerably reducing the manual effort necessary to integrate side-channel analyses into development workflows. Third, we are the first to combine leakage reporting with coverage visualization. We evaluate the new toolchain on a set of cryptographic libraries and show that it can quickly and comprehensively uncover more vulnerabilities while writing tests with half as many lines of code as the previous Microwalk version. By open sourcing our new tracer and analysis template, we hope to increase the adoption of automated side-channel leakage analyses in cryptographic library development. |
| Document Type: | conference object |
| Language: | English |
| Relation: | https://archive.softwareheritage.org/swh:1:dir:16a8e3ee83ea9470bf4568aeeb618a99dbe70f40; https://archive.softwareheritage.org/swh:1:snp:67e8b5da60d46399055c2ebda9b6f251cf2fc0c1; https://archive.softwareheritage.org/swh:1:rev:5afba8f7aba37bf3c51662ef0dacb8410466a076; https://archive.softwareheritage.org/swh:1:dir:0737b27feede652d8256e58de0bc4688b98ff96a; https://archive.softwareheritage.org/swh:1:snp:2e30bd48a1ef7e7dcb0976d44d69f31531a44b00; https://archive.softwareheritage.org/swh:1:rev:543b51766d26e0753ec2f11e7bbb988733db26c3 |
| Availability: | https://hal.science/hal-04652991 https://hal.science/hal-04652991v1/document https://hal.science/hal-04652991v1/file/cans24_fayolle.pdf |
| Rights: | http://creativecommons.org/licenses/by/ ; info:eu-repo/semantics/OpenAccess |
| Accession Number: | edsbas.C5AC1FFC |
| Database: | BASE |