Abstract
A timing attack exploits variation in the running time of a cryptographic algorithm's implementation to infer confidential information. Such a dependence of the running time on confidential information, called a timing channel, is often caused by branches in the implementation's control flow whose conditions depend on the attacked secrets. We present the Side Channel Finder, a static analysis tool for detecting such timing channels in Java implementations of cryptographic algorithms.
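The following is an added illustration, not code from the paper or from the Side Channel Finder itself (which targets Java source). It shows the principle the abstract describes in Python: a flow-insensitive taint analysis over the AST that marks selected parameters as secret, propagates secrecy through assignments and loop variables, and reports every `if`/`while` guard or `for` iterable that depends on a secret. The two analysed programs are constructed samples: a square-and-multiply exponentiation and an early-exit MAC comparison, each beside a branch-free rewrite. Function names, the `secret_params` convention and the sample code are all assumptions of this example.

```python
import ast


def _names(node):
    """All variable names occurring inside an AST node."""
    return {n.id for n in ast.walk(node) if isinstance(n, ast.Name)}


def secret_dependent_branches(source, secret_params):
    """Return (function, line, guard) for every if/while test and for-loop
    iterable that depends on a parameter listed in secret_params.
    Secrecy is propagated through assignments, augmented assignments and
    for-loop targets until a fixpoint, so aliasing a secret does not hide
    the branch.  This is a conservative, flow-insensitive approximation."""
    tree = ast.parse(source)
    findings = []
    for func in [n for n in ast.walk(tree) if isinstance(n, ast.FunctionDef)]:
        secret = {a.arg for a in func.args.args} & set(secret_params)
        changed = True
        while changed:  # taint propagation to a fixpoint
            changed = False
            for node in ast.walk(func):
                if isinstance(node, ast.Assign) and _names(node.value) & secret:
                    new = set().union(*(_names(t) for t in node.targets))
                elif isinstance(node, ast.AugAssign) and \
                        (_names(node.value) | _names(node.target)) & secret:
                    new = _names(node.target)
                elif isinstance(node, ast.For) and _names(node.iter) & secret:
                    new = _names(node.target)
                else:
                    continue
                if not new <= secret:
                    secret |= new
                    changed = True
        for node in ast.walk(func):  # every control-flow guard in the body
            if isinstance(node, (ast.If, ast.While)):
                guard = node.test
            elif isinstance(node, ast.For):
                guard = node.iter
            else:
                continue
            if _names(guard) & secret:
                findings.append((func.name, node.lineno, ast.unparse(guard)))
    return sorted(findings, key=lambda f: f[1])


# Constructed sample: secret-dependent control flow (exp and expected are secret).
VULNERABLE = '''
def modpow(base, exp, mod):
    # square-and-multiply: whether the multiply runs depends on each key bit
    result = 1
    for i in range(exp.bit_length() - 1, -1, -1):
        result = result * result % mod
        bit = (exp >> i) & 1
        if bit:
            result = result * base % mod
    return result

def mac_equal(expected, received):
    # early exit: the running time reveals how many leading bytes matched
    for i in range(len(received)):
        if expected[i] != received[i]:
            return False
    return True
'''

# Constructed sample: the same functionality with secret-independent control flow.
HARDENED = '''
def modpow_ct(base, exp, mod, width):
    # fixed trip count (assumes exp < 2**width) and an arithmetic select
    result = 1
    for i in range(width - 1, -1, -1):
        result = result * result % mod
        bit = (exp >> i) & 1
        mult = result * base % mod
        result = mult * bit + result * (1 - bit)
    return result

def mac_equal_ct(expected, received):
    # accumulate all byte differences and decide once at the end
    diff = 0
    for i in range(len(received)):
        diff |= expected[i] ^ received[i]
    return diff == 0
'''

SECRETS = {"exp", "expected"}


def report():
    """Findings for both samples; the hardened one should produce none."""
    return (secret_dependent_branches(VULNERABLE, SECRETS),
            secret_dependent_branches(HARDENED, SECRETS))


if __name__ == "__main__":
    for label, found in zip(("vulnerable", "hardened"), report()):
        print(label, found)
```

The analysis reports three guards in the vulnerable sample (the loop bound derived from `exp`, the `if bit` that the assignment `bit = (exp >> i) & 1` made secret, and the byte comparison in `mac_equal`) and none in the hardened one. Two caveats a practitioner should keep in mind: the check only covers control-flow channels, so a source-level branch-free program can still leak through operations whose cost depends on operand values (Python's arbitrary-precision multiplication and reductions in `modpow_ct` are such operations, as are some JIT and library paths in a JVM); and the flow-insensitive rule over-approximates, so a variable written from a secret anywhere in the function is treated as secret everywhere, which can produce false positives that a real tool needs annotations or a finer analysis to suppress.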
Cite this article
Lux, A., Starostin, A. A tool for static detection of timing channels in Java. J Cryptogr Eng 1, 303–313 (2011). https://doi.org/10.1007/s13389-011-0021-z