Periodic Reporting for period 2 - SCARE (Side-Channel Aware Engineering)
Reporting period: 2020-06-01 to 2021-11-30
The first objective of SCARE concerns next generation side-channels. The goal is to discover new sources of leakage, leading to novel covert channel classes that will build a foundation for new types of SCA.
The second objective of SCARE concerns side-channel security assurance. The goal is to encompass side-channel security as part of the development lifecycle.
SCARE focuses on devices and systems that are deployed in the real world to maximize societal impact. This approach ensures that the scientific results of SCARE have a distinct, immediate application, inspired by the implementation characteristics that are the foundation of SCA.
WP1 seeks to deepen the understanding of leakage, exploring known channels but more importantly developing new channels. These new channels will form the basis for next generation side-channel attacks, laying the groundwork for new classes of attacks for many years to come.
The main result from WP1 so far is the novel PortSmash microarchitecture technique. Applicable to Simultaneous Multithreading (SMT) architectures, PortSmash uses SMT execution engine sharing as a side-channel leakage source. It targets the ports to stacks of execution units, using port contention to create a high-resolution timing side channel that is inherently stealthy since it does not depend on the memory subsystem.
WP2 seeks to understand the exploitability of the channels from WP1. The focus is on end-to-end side-channel attacks, from triggering the leakage all the way through to complete key recovery.
The main result from WP2 so far is the analysis of Mozilla's NSS open source software library. It is a security-critical library that powers other popular application software, such as the Firefox web browser. We used a combination of two independently-developed SCA security frameworks to identify and test security vulnerabilities. Furthermore, we contributed fixes for the discovered issues.
WP3 turns to countermeasures. It seeks to develop and evaluate countermeasures to the leakage sources in WP1 and the attacks realized in WP2. The aim is a holistic approach, rather than one limited to dedicated mitigations.
The main result from WP3 so far is Triggerflow, a tool for tracking execution paths that, assisted by source annotations, dynamically analyzes the binary through the debugger. The main application of the tool is regression testing for software as part of Continuous Integration (CI), to ensure expected control flow at runtime. We used Triggerflow to establish automated testing through CI for the open source OpenSSL software project.
Societal impact is a key outcome for SCARE. Identifiers for Common Vulnerabilities and Exposures (CVE) span several vendors of real-world security-critical products directly impacted by SCARE results. So far, these include OpenSSL (CVE-2018-0737, CVE-2018-5407, CVE-2019-1547), ARM's Mbed TLS (CVE-2019-18222, CVE-2020-10932), wolfSSL (CVE-2020-11735), and Mozilla's NSS (CVE-2020-12399, CVE-2020-12401, CVE-2020-12402, CVE-2020-6829).