Katalog Plus
Bibliothek der Frankfurt UAS
Bald neuer Katalog: sichern Sie sich schon vorab Ihre persönlichen Merklisten im Nutzerkonto: Anleitung.
Ihre Suchbegriffe : Einfache Suche: (Verfasser: Bendix, Jacob)
Dieses Ergebnis aus BASE kann Gästen nicht angezeigt werden.  Login für vollen Zugriff.
« zurück zum Suchergebnis

'They're not that hard to mitigate': What Cryptographic Library Developers Think About Timing Attacks

Title: 'They're not that hard to mitigate': What Cryptographic Library Developers Think About Timing Attacks
Authors: Jancar, Jan; Fourné, Marcel; de Almeida Braga, Daniel; Sabt, Mohamed; Schwabe, Peter; Barthe, Gilles; Fouque, Pierre-Alain; Acar, Yasemin
Contributors: Masaryk University Brno (MUNI); Max Planck Institute for Security and Privacy Bochum (MPI SP); Security & PrIvaCY (SPICY); SYSTÈMES LARGE ÉCHELLE (IRISA-D1); Institut de Recherche en Informatique et Systèmes Aléatoires (IRISA); Université de Rennes (UR)-Institut National des Sciences Appliquées - Rennes (INSA Rennes); Institut National des Sciences Appliquées (INSA)-Institut National des Sciences Appliquées (INSA)-Université de Bretagne Sud (UBS)-École normale supérieure - Rennes (ENS Rennes)-Institut National de Recherche en Informatique et en Automatique (Inria)-CentraleSupélec-Centre National de la Recherche Scientifique (CNRS)-IMT Atlantique (IMT Atlantique); Institut Mines-Télécom Paris (IMT)-Institut Mines-Télécom Paris (IMT)-Université de Rennes (UR)-Institut National des Sciences Appliquées - Rennes (INSA Rennes); Institut Mines-Télécom Paris (IMT)-Institut Mines-Télécom Paris (IMT)-Institut de Recherche en Informatique et Systèmes Aléatoires (IRISA); Institut Mines-Télécom Paris (IMT)-Institut Mines-Télécom Paris (IMT); Université de Rennes (UR); Centre National de la Recherche Scientifique (CNRS); Radboud University Nijmegen; Institute IMDEA Software Madrid; Applied Cryptography and Implementation Security (CAPSULE); Inria Rennes – Bretagne Atlantique; Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria)-SYSTÈMES LARGE ÉCHELLE (IRISA-D1); Institut National des Sciences Appliquées (INSA)-Institut National des Sciences Appliquées (INSA)-Université de Bretagne Sud (UBS)-École normale supérieure - Rennes (ENS Rennes)-CentraleSupélec-Centre National de la Recherche Scientifique (CNRS)-IMT Atlantique (IMT Atlantique); The George Washington University (GW); Czech Science Foundation project GA2003426S; Red Hat Czech; Direction Générale de l’Armement (Pôle de Recherche CYBER); European Project: 805031,EPOQUE
Source: 2022 IEEE Symposium on Security and Privacy (SP); 2022 IEEE Symposium on Security and Privacy; https://hal.science/hal-03694811; 2022 IEEE Symposium on Security and Privacy, May 2022, San Francisco, United States. pp.755-772, ⟨10.1109/SP46214.2022.9833713⟩; https://www.ieee-security.org/TC/SP2022/
Publisher Information: HAL CCSD; IEEE Computer Society
Publication Year: 2022
Collection: Université de Rennes 1: Publications scientifiques (HAL)
Subject Terms: constant-time; timing-attacks; cryptographic-library; survey; developer-survey; expert-survey; usable-security; human-factors; cryptography; [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR]; [INFO.INFO-OH]Computer Science [cs]/Other [cs.OH]
Subject Geographic: San Francisco; United States
Description: International audience ; Timing attacks are among the most devastating side-channel attacks, allowing remote attackers to retrieve secret material, including cryptographic keys, with relative ease. In principle, “these attacks are not that hard to mitigate”: the basic intuition, captured by the constant-time criterion, is that control-flow and memory accesses should be independent from secrets. Furthermore, there is a broad range of tools for automatically checking adherence to this intuition. Yet, these attacks still plague popular crypto libraries twenty-five years after their discovery, reflecting a dangerous gap between academic research and crypto engineering. This gap can potentially undermine the emerging shift towards high-assurance, formally verified crypto libraries. However, the causes for this gap remain uninvestigated. To understand the causes of this gap, we conducted a survey with 44 developers of 27 prominent open source cryptographic libraries. The goal of the survey was to analyze if and how the developers ensure that their code executes in constant time. Our main findings are that developers are aware of timing attacks and of their potentially dramatic consequences and yet often prioritize other issues over the perceived huge investment of time and resources currently needed to make their code resistant to timing attacks. Based on the survey, we identify several shortcomings in existing analysis tools for constant-time, and issue recommendations that can make writing constant-time libraries less difficult. Our recommendations can inform future development of analysis tools, security-aware compilers, and crypto libraries, not only for constant-timeness, but in the broader context of side-channel attacks, in particular for micro-architectural side-channel attacks.
Document Type: conference object
Language: English
Relation: info:eu-repo/grantAgreement//805031/EU/ERC Starting Grant 805031 (EPOQUE)/EPOQUE
DOI: 10.1109/SP46214.2022.9833713
Availability: https://hal.science/hal-03694811; https://hal.science/hal-03694811v1/document; https://hal.science/hal-03694811v1/file/2022-sp-usec.pdf; https://doi.org/10.1109/SP46214.2022.9833713
Rights: info:eu-repo/semantics/OpenAccess
Accession Number: edsbas.3F4DC307
Database: BASE
Frankfurt University of Applied Sciences | Impressum | Datenschutz