Write a Blog >>
ICSE 2021
Sun 16 May - Sat 5 June 2021

This program is tentative and subject to change.

Side-channel attacks allow adversaries to infer sensitive information from non-functional characteristics. Prior side-channel detection work is able to identify numerous potential vulnerabilities. However, in practice, many such vulnerabilities leak a negligible amount of sensitive information, and thus developers are often reluctant to address them. Existing tools do not provide information to evaluate a leak’s severity, such as the number of leaked bits.

To address this issue, we propose a new program analysis method to precisely quantify the leaked information in a single-trace attack through side-channels. It can identify covert information flows in programs that expose confidential information and can reason about security flaws that would otherwise be difficult, if not impossible, for a developer to find. We model an attacker’s observation of each leakage site as a constraint. We use symbolic execution to generate these constraints and then run Monte Carlo sampling to estimate the number of leaked bits for each leakage site. By applying the Central Limit Theorem, we provide an error bound for these estimations.

We have implemented the technique in a tool called Abacus, which not only finds very fine-grained side-channel vulnerabilities but also estimates how many bits are leaked. Abacus outperforms existing dynamic side-channel detection tools in performance and accuracy. We evaluate Abacus on OpenSSL, mbedTLS, Libgcrypt, and Monocypher. Our results demonstrate that most reported vulnerabilities are difficult to exploit in practice and should be de-prioritized by developers. We also find several sensitive vulnerabilities that are missed by the existing tools. We confirm those vulnerabilities with manual checks and by contacting the developers.

This program is tentative and subject to change.

Tue 25 May
Times are displayed in time zone: Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna change

16:40 - 17:35
1.4.3. Identifying Information LeaksTechnical Track / NIER - New Ideas and Emerging Results at Blended Sessions Room 3
Chair(s): Oscar DiesteUniversidad Politécnica de Madrid
16:40
15m
Paper
An Axiomatic Approach to Detect Information Leaks in Concurrent ProgramsNIER
NIER - New Ideas and Emerging Results
Sandip GhosalIndian Institute of Technology, Bombay, R.K. ShyamasundarIndian Institute of Technology, Bombay
Pre-print
16:55
20m
Paper
Abacus: Precise Side-Channel AnalysisTechnical TrackArtifact Available
Technical Track
Qinkun BaoThe Pennsylvania State University, Zihao WangThe Pennsylvania State University, Xiaoting LiPenn State University, James LarusEPFL, Dinghao WuThe Pennsylvania State University
Pre-print Media Attached
17:15
20m
Paper
Data-Driven Synthesis of a Provably Sound Side Channel AnalysisTechnical Track
Technical Track
Jingbo WangUniversity of Southern California, Chungha SungUniversity of Southern California, Mukund RaghothamanUniversity of Southern California, Chao WangUSC
Pre-print