Exploring Micro-architectural Side-Channel Leakages through Statistical Testing

Sarani Bhattacharyaa and Ingrid Verbauwhedeb
imec-COSIC, ESAT, KU Leuven
asarani.bhattacharya@esat.kuleuven.be
bingrid.verbauwhede@esat.kuleuven.be

ABSTRACT


Micro-architectural side-channel leakage received a lot of attention due to their high impact on software security on complex out-of-order processors. These are extremely specialised threat models and can be only realised in practise with high precision measurement code, triggering micro-architectural behavior that leaks information. In this paper, we present a tool to support the inexperienced user to verify his code for sidechannel leakage. We combine two very useful tools- statistical testing and hardware performance monitors to bridge this gap between the understanding of the general purpose users and the most precise speculative execution attacks. We first show that these event counters are more powerful than observing timing variabilities on an executable. We extend Dudect, where the raw hardware events are collected over the target executable, and leakage detection tests are incorporated on the statistics of observed events following the principles of non-specific t-tests. Finally, we show the applicability of our tool on the most popular speculative micro-architectural and data-sampling attack models.



Full Text (PDF)