Quantifying the Information Leak in Cache Attacks through Symbolic Execution
This addresses the security problem of cache side-channel vulnerabilities for software developers and security analysts, providing a novel quantification method rather than an incremental improvement.
The paper tackles the problem of quantifying information leakage in cache timing attacks by introducing the CHALICE framework, which uses symbolic execution to compute potential leaks, and finds that in an AES-128 implementation, up to 127 out of 128 bits of the encryption key can be leaked.
Cache timing attacks allow attackers to infer the properties of a secret execution by observing cache hits and misses. But how much information can actually leak through such attacks? For a given program, a cache model, and an input, our CHALICE framework leverages symbolic execution to compute the amount of information that can possibly leak through cache attacks. At the core of CHALICE is a novel approach to quantify information leak that can highlight critical cache side-channel leaks on arbitrary binary code. In our evaluation on real-world programs from OpenSSL and Linux GDK libraries, CHALICE effectively quantifies information leaks: For an AES-128 implementation on Linux, for instance, CHALICE finds that a cache attack can leak as much as 127 out of 128 bits of the encryption key.