A New Approach to Quantify Cache Side-Channel Leakage


Dr. Sudipta Chattopadhyay

24.11.2016, 11:00, room 4981


Cache timing attacks allow attackers to infer the properties of a secret execution by observing cachehits and misses. But how much information can actually leak through such attacks? I will present CHALICE that answers thisquestion. I will discuss that existing approaches to quantify information leak are incapable to highlight critical information leak scenarios and they are not suitable for security testing of arbitrary software. At the core of CHALICE is an approach that leverages symbolic execution to categorize inputs with respect to memory performance. CHALICE reports information leak forreal-world programs from OpenSSL and Linux GDK libraries: For anAES-128 implementation on Linux, for instance, CHALICE finds that a cache attack can leak as much as 127 outof 128 bits of the encryption key.


Dr. Sudipta is currently affiliated with the Center for IT-Security, Privacy and Accountability (CISPA) at Saarland University and the Software Engineering Chair leaded by Prof. Andreas Zeller. Before coming to Germany, he was a post-doctoral researcher at Linkoeping University, Sweden where he primarily worked in ESLAB. He has obtained his Ph.D. in Computer Science from National University of Singapore (NUS), Singapore in 2013. Prior to his PhD study, he was working as a Research and Development Engineer in Synopsys for 1.5 years. His research interests broadly cover the area of Program Analysis, Embedded Systems and Compilers.