Securing Optimized Code Against Power Side Channels
- URL: http://arxiv.org/abs/2207.02614v1
- Date: Wed, 6 Jul 2022 12:06:28 GMT
- Title: Securing Optimized Code Against Power Side Channels
- Authors: Rodothea Myrsini Tsoupidi, Roberto Castañeda Lozano, Elena Troubitsyna and Panagiotis Papadimitratos
- Abstract summary: Security engineers often sacrifice code efficiency by turning off compiler optimization and/or performing local, post-compilation transformations.
This paper proposes SecConCG, a constraint-based compiler approach that generates optimized yet secure code.
- Score: 1.589424114251205
- License: http://creativecommons.org/licenses/by-nc-nd/4.0/
- Abstract: Side-channel attacks impose a serious threat to cryptographic algorithms,
including widely employed ones, such as AES and RSA, taking advantage of the
algorithm implementation in hardware or software to extract secret information
via timing and/or power side-channels. Software masking is a software
mitigation approach against power side-channel attacks, aiming at hiding the
secret-revealing dependencies from the power footprint of a vulnerable
implementation. However, this type of software mitigation often depends on
general-purpose compilers, which do not preserve non-functional properties.
Moreover, microarchitectural features, such as the memory bus and register
reuse, may also reveal secret information. These abstractions are not visible
at the high-level implementation of the program. Instead, they are decided at
compile time. To remedy these problems, security engineers often sacrifice code
efficiency by turning off compiler optimization and/or performing local,
post-compilation transformations. This paper proposes SecConCG, a
constraint-based compiler approach that generates optimized yet secure code.
SecConCG controls the quality of the mitigated program by efficiently searching
the best possible low-level implementation according to a processor cost model.
In our experiments with ten masked implementations on MIPS32 and ARM Cortex M0,
SecConCG speeds up the generated code from 10% to 10x compared to non-optimized
secure code at a small overhead of up to 7% compared to non-secure optimized
code. For security and compiler researchers, this paper proposes a formal model
to generate secure low-level code. For software engineers, SecConCG provides a
practical approach to optimize code that preserves security properties.
Related papers
- Breaking Bad: How Compilers Break Constant-Time Implementations [12.486727810118497]
We investigate how compilers break protections introduced by defensive programming techniques.
We run a large-scale experiment to see if such compiler-induced issues manifest in state-of-the-art cryptographic libraries.
Our study reveals that several compiler-induced secret-dependent operations occur within some of the most highly regarded cryptographic libraries.
arXiv Detail & Related papers (2024-10-17T12:34:02Z)
- PromSec: Prompt Optimization for Secure Generation of Functional Source Code with Large Language Models (LLMs) [4.2913589403278225]
Large language models (LLMs) are used to generate high-quality source code.
LLMs often introduce security vulnerabilities due to training on insecure open-source data.
This paper introduces PromSec, an algorithm for prompt optimization for secure and functioning code generation.
arXiv Detail & Related papers (2024-09-19T12:14:10Z)
- HexaCoder: Secure Code Generation via Oracle-Guided Synthetic Training Data [60.75578581719921]
Large language models (LLMs) have shown great potential for automatic code generation.
Recent studies highlight that much LLM-generated code contains serious security vulnerabilities.
We introduce HexaCoder, a novel approach to enhance the ability of LLMs to generate secure codes.
arXiv Detail & Related papers (2024-09-10T12:01:43Z)
- Secure Synthesis of Distributed Cryptographic Applications (Technical Report) [1.9707603524984119]
We advocate using secure program partitioning to synthesize cryptographic applications.
This approach is promising, but formal results for the security of such compilers are limited in scope.
We develop a compiler security proof that handles subtleties essential for robust, efficient applications.
arXiv Detail & Related papers (2024-01-06T02:57:44Z)
- Code Polymorphism Meets Code Encryption: Confidentiality and Side-Channel Protection of Software Components [0.0]
PolEn is a toolchain and a processor architecture that combine countermeasures in order to provide an effective mitigation of side-channel attacks.
Code encryption is supported by a processor extension such that machine instructions are only decrypted inside the CPU.
Code polymorphism is implemented by software means. It regularly changes the observable behaviour of the program, making it unpredictable for an attacker.
arXiv Detail & Related papers (2023-10-11T09:16:10Z)
- SOCI^+: An Enhanced Toolkit for Secure Outsourced Computation on Integers [50.608828039206365]
We propose SOCI+ which significantly improves the performance of SOCI.
SOCI+ employs a novel (2, 2)-threshold Paillier cryptosystem with fast encryption and decryption as its cryptographic primitive.
Compared with SOCI, our experimental evaluation shows that SOCI+ is up to 5.4 times more efficient in computation and 40% less in communication overhead.
arXiv Detail & Related papers (2023-09-27T05:19:32Z)
- Planning with Large Language Models for Code Generation [100.07232672883897]
Planning-Guided Transformer Decoding (PG-TD) uses a planning algorithm to do lookahead search and guide the Transformer to generate better programs.
We empirically evaluate our framework with several large language models as backbones on public coding challenge benchmarks.
arXiv Detail & Related papers (2023-03-09T18:59:47Z)
- Learning to Superoptimize Real-world Programs [79.4140991035247]
We propose a framework to learn to superoptimize real-world programs by using neural sequence-to-sequence models.
We introduce the Big Assembly benchmark, a dataset consisting of over 25K real-world functions mined from open-source projects in x86-64 assembly.
arXiv Detail & Related papers (2021-09-28T05:33:21Z)
- Covert Model Poisoning Against Federated Learning: Algorithm Design and Optimization [76.51980153902774]
Federated learning (FL) is vulnerable to external attacks on FL models during parameters transmissions.
In this paper, we propose effective MP algorithms to combat state-of-the-art defensive aggregation mechanisms.
Our experimental results demonstrate that the proposed CMP algorithms are effective and substantially outperform existing attack mechanisms.
arXiv Detail & Related papers (2021-01-28T03:28:18Z)
- PolyDL: Polyhedral Optimizations for Creation of High Performance DL primitives [55.79741270235602]
We present compiler algorithms to automatically generate high performance implementations of Deep Learning primitives.
We develop novel data reuse analysis algorithms using the polyhedral model.
We also show that such a hybrid compiler plus a minimal library-use approach results in state-of-the-art performance.
arXiv Detail & Related papers (2020-06-02T06:44:09Z)
This list is automatically generated from the titles and abstracts of the papers in this site.