Securing Optimized Code Against Power Side Channels
- URL: http://arxiv.org/abs/2207.02614v1
- Date: Wed, 6 Jul 2022 12:06:28 GMT
- Title: Securing Optimized Code Against Power Side Channels
- Authors: Rodothea Myrsini Tsoupidi, Roberto Castañeda Lozano, Elena Troubitsyna and Panagiotis Papadimitratos
- Abstract summary: Security engineers often sacrifice code efficiency by turning off compiler optimization and/or performing local, post-compilation transformations.
This paper proposes SecConCG, a constraint-based compiler approach that generates optimized yet secure code.
- Score: 1.589424114251205
- License: http://creativecommons.org/licenses/by-nc-nd/4.0/
- Abstract: Side-channel attacks impose a serious threat to cryptographic algorithms,
including widely employed ones, such as AES and RSA, taking advantage of the
algorithm implementation in hardware or software to extract secret information
via timing and/or power side-channels. Software masking is a software
mitigation approach against power side-channel attacks, aiming at hiding the
secret-revealing dependencies from the power footprint of a vulnerable
implementation. However, this type of software mitigation often depends on
general-purpose compilers, which do not preserve non-functional properties.
Moreover, microarchitectural features, such as the memory bus and register
reuse, may also reveal secret information. These abstractions are not visible
at the high-level implementation of the program. Instead, they are decided at
compile time. To remedy these problems, security engineers often sacrifice code
efficiency by turning off compiler optimization and/or performing local,
post-compilation transformations. This paper proposes SecConCG, a
constraint-based compiler approach that generates optimized yet secure code.
SecConCG controls the quality of the mitigated program by efficiently searching
the best possible low-level implementation according to a processor cost model.
In our experiments with ten masked implementations on MIPS32 and ARM Cortex M0,
SecConCG speeds up the generated code from 10% to 10x compared to non-optimized
secure code at a small overhead of up to 7% compared to non-secure optimized
code. For security and compiler researchers, this paper proposes a formal model
to generate secure low-level code. For software engineers, SecConCG provides a
practical approach to optimize code that preserves security properties.
Related papers
- CryptRISC: A Secure RISC-V Processor for High-Performance Cryptography with Power Side-Channel Protection [1.5866931449827322]
CryptRISC is the first RISC-V processor that combines cryptographic acceleration with hardware-level power side-channel resistance.
Masking is a widely used countermeasure, yet software-based techniques often introduce significant performance overhead and implementation complexity.
arXiv Detail & Related papers (2026-02-23T19:13:35Z)
- RealSec-bench: A Benchmark for Evaluating Secure Code Generation in Real-World Repositories [58.32028251925354]
Large Language Models (LLMs) have demonstrated remarkable capabilities in code generation, but their proficiency in producing secure code remains a critical, under-explored area.
We introduce RealSec-bench, a new benchmark for secure code generation meticulously constructed from real-world, high-risk Java repositories.
arXiv Detail & Related papers (2026-01-30T08:29:01Z)
- Context-Guided Decompilation: A Step Towards Re-executability [50.71992919223209]
Binary decompilation plays an important role in software security analysis, reverse engineering and malware understanding.
Recent advances in large language models (LLMs) have enabled neural decompilation, but the generated code is typically only semantically plausible.
We propose ICL4Decomp, a hybrid decompilation framework that leverages in-context learning (ICL) to guide LLMs toward generating re-executable source code.
arXiv Detail & Related papers (2025-11-03T17:21:39Z)
- High Memory Masked Convolutional Codes for PQC [0.0]
This paper presents a novel post-quantum cryptosystem based on high-memory masked convolutional codes.
It supports arbitrary plaintext lengths with linear-time decryption and uniform per-bit computational cost.
The scheme achieves cryptanalytic margins exceeding those of the classic McEliece system by factors greater than 2100.
arXiv Detail & Related papers (2025-10-17T10:39:20Z)
- ENSI: Efficient Non-Interactive Secure Inference for Large Language Models [10.82684192498215]
We propose ENSI, a novel secure inference framework for large language models (LLMs).
ENSI employs an optimized encoding strategy that seamlessly integrates CKKS scheme with a lightweight LLM variant, BitNet.
We demonstrate that ENSI achieves approximately an 8x acceleration in matrix multiplications and a 2.6x speedup in softmax inference on CPU.
arXiv Detail & Related papers (2025-09-11T13:04:22Z)
- Decompiling Smart Contracts with a Large Language Model [51.49197239479266]
Despite Etherscan's 78,047,845 smart contracts deployed on (as of May 26, 2025), a mere 767,520 ( 1%) are open source.
This opacity necessitates the automated semantic analysis of on-chain smart contract bytecode.
We introduce a pioneering decompilation pipeline that transforms bytecode into human-readable and semantically faithful Solidity code.
arXiv Detail & Related papers (2025-06-24T13:42:59Z)
- Inverse-Transpilation: Reverse-Engineering Quantum Compiler Optimization Passes from Circuit Snapshots [2.348041867134616]
We propose a simple ML-based framework to infer underlying optimization techniques by leveraging structural differences observed between original and compiled circuits.
Our evaluation shows that a neural network performs the best in detecting optimization passes, with individual pass F1-scores reaching as high as 0.96.
arXiv Detail & Related papers (2025-04-27T05:25:12Z)
- TFHE-Coder: Evaluating LLM-agentic Fully Homomorphic Encryption Code Generation [10.597643264309415]
Homomorphic Encryption over the torus (TFHE) enables encrypted computation on data without decryption.
Despite its potential in privacy preserving machine learning, secure multi party computation, private blockchain transactions, and secure medical diagnostics, its adoption remains limited due to cryptographic complexity and usability challenges.
This work establishes the first benchmark for TFHE code generation, demonstrating how LLMs, when augmented with domain-specific feedback, can bridge the expertise gap in FHE code generation.
arXiv Detail & Related papers (2025-03-15T17:57:44Z)
- ReF Decompile: Relabeling and Function Call Enhanced Decompile [50.86228893636785]
The goal of decompilation is to convert compiled low-level code (e.g., assembly code) back into high-level programming languages.
This task supports various reverse engineering applications, such as vulnerability identification, malware analysis, and legacy software migration.
arXiv Detail & Related papers (2025-02-17T12:38:57Z)
- Breaking Bad: How Compilers Break Constant-Time Implementations [12.486727810118497]
We investigate how compilers break protections introduced by defensive programming techniques.
We run a large-scale experiment to see if such compiler-induced issues manifest in state-of-the-art cryptographic libraries.
Our study reveals that several compiler-induced secret-dependent operations occur within some of the most highly regarded cryptographic libraries.
arXiv Detail & Related papers (2024-10-17T12:34:02Z)
- PromSec: Prompt Optimization for Secure Generation of Functional Source Code with Large Language Models (LLMs) [4.2913589403278225]
Large language models (LLMs) are used to generate high-quality source code.
LLMs often introduce security vulnerabilities due to training on insecure open-source data.
This paper introduces PromSec, an algorithm for prompt optimization for secure and functioning code generation.
arXiv Detail & Related papers (2024-09-19T12:14:10Z)
- HexaCoder: Secure Code Generation via Oracle-Guided Synthetic Training Data [60.75578581719921]
Large language models (LLMs) have shown great potential for automatic code generation.
Recent studies highlight that many LLM-generated code contains serious security vulnerabilities.
We introduce HexaCoder, a novel approach to enhance the ability of LLMs to generate secure codes.
arXiv Detail & Related papers (2024-09-10T12:01:43Z)
- ShadowCode: Towards (Automatic) External Prompt Injection Attack against Code LLMs [56.46702494338318]
This paper introduces a new attack paradigm: (automatic) external prompt injection against code-oriented large language models.
We propose ShadowCode, a simple yet effective method that automatically generates induced perturbations based on code simulation.
We evaluate our method across 13 distinct malicious objectives, generating 31 threat cases spanning three popular programming languages.
arXiv Detail & Related papers (2024-07-12T10:59:32Z)
- Secure Synthesis of Distributed Cryptographic Applications (Technical Report) [1.9707603524984119]
We advocate using secure program partitioning to synthesize cryptographic applications.
This approach is promising, but formal results for the security of such compilers are limited in scope.
We develop a compiler security proof that handles subtleties essential for robust, efficient applications.
arXiv Detail & Related papers (2024-01-06T02:57:44Z)
- Code Polymorphism Meets Code Encryption: Confidentiality and Side-Channel Protection of Software Components [0.0]
PolEn is a toolchain and a processor architecture that combine countermeasures in order to provide an effective mitigation of side-channel attacks.
Code encryption is supported by a processor extension such that machine instructions are only decrypted inside the CPU.
Code polymorphism is implemented by software means. It regularly changes the observable behaviour of the program, making it unpredictable for an attacker.
arXiv Detail & Related papers (2023-10-11T09:16:10Z)
- SOCI^+: An Enhanced Toolkit for Secure Outsourced Computation on Integers [50.608828039206365]
We propose SOCI+ which significantly improves the performance of SOCI.
SOCI+ employs a novel (2, 2)-threshold Paillier cryptosystem with fast encryption and decryption as its cryptographic primitive.
Compared with SOCI, our experimental evaluation shows that SOCI+ is up to 5.4 times more efficient in computation and 40% less in communication overhead.
arXiv Detail & Related papers (2023-09-27T05:19:32Z)
- Planning with Large Language Models for Code Generation [100.07232672883897]
Planning-Guided Transformer Decoding (PG-TD) uses a planning algorithm to do lookahead search and guide the Transformer to generate better programs.
We empirically evaluate our framework with several large language models as backbones on public coding challenge benchmarks.
arXiv Detail & Related papers (2023-03-09T18:59:47Z)
- Learning to Superoptimize Real-world Programs [79.4140991035247]
We propose a framework to learn to superoptimize real-world programs by using neural sequence-to-sequence models.
We introduce the Big Assembly benchmark, a dataset consisting of over 25K real-world functions mined from open-source projects in x86-64 assembly.
arXiv Detail & Related papers (2021-09-28T05:33:21Z)
- Covert Model Poisoning Against Federated Learning: Algorithm Design and Optimization [76.51980153902774]
Federated learning (FL) is vulnerable to external attacks on FL models during parameters transmissions.
In this paper, we propose effective MP algorithms to combat state-of-the-art defensive aggregation mechanisms.
Our experimental results demonstrate that the proposed CMP algorithms are effective and substantially outperform existing attack mechanisms.
arXiv Detail & Related papers (2021-01-28T03:28:18Z)
- PolyDL: Polyhedral Optimizations for Creation of High Performance DL primitives [55.79741270235602]
We present compiler algorithms to automatically generate high performance implementations of Deep Learning primitives.
We develop novel data reuse analysis algorithms using the polyhedral model.
We also show that such a hybrid compiler plus a minimal library-use approach results in state-of-the-art performance.
arXiv Detail & Related papers (2020-06-02T06:44:09Z)
This list is automatically generated from the titles and abstracts of the papers in this site.