Please use this identifier to cite or link to this item: https://doi.org/10.15480/882.2852
DC FieldValueLanguage
dc.contributor.advisorGollmann, Dieter-
dc.contributor.authorFriemann, Jannik-
dc.date.accessioned2020-07-30T10:03:28Z-
dc.date.available2020-07-30T10:03:28Z-
dc.date.issued2020-06-09-
dc.identifier.urihttp://hdl.handle.net/11420/6908-
dc.description.abstractConstant-time implementations are a popular approach for defending against cache-timing attacks. It is necessary to verify the resulting executables of such implementations, because the compiler might introduce timing side-channels during code optimization, leaving the program vulnerable even though the source code has no indication of possible timing side-channels. This thesis proposes a novel approach for formally verifying executables to be constant-time, by developing a type system for scVerif's low-level, assembly-like intermediate language, which features explicit leak statements. The resulting type checker can detect timing side-channels for arbitrary leakage models, including data-dependent instruction timings. However, the implementation needs further work before it can be applied on real world cryptographic implementations. Once a better implementation of the approach exists, it can easily be used for automatic checks of executables for cache-timing side-channels. Users only have to specify the initial secrecy of every variable using easy to use source code comments.en
dc.language.isoende_DE
dc.rights.urihttps://creativecommons.org/licenses/by/4.0/de_DE
dc.subjectverificationde_DE
dc.subjectcache-timingde_DE
dc.subjectside-channelde_DE
dc.subjectlow-levelde_DE
dc.subjecttype checkingde_DE
dc.subject.ddc004: Informatikde_DE
dc.subject.ddc600: Technikde_DE
dc.subject.ddc620: Ingenieurwissenschaftende_DE
dc.titleDetecting timing side-channels in executablesde_DE
dc.typeThesisde_DE
dcterms.dateAccepted2020-06-26-
dc.identifier.doi10.15480/882.2852-
dc.type.thesisbachelorThesisde_DE
dc.type.dinibachelorThesis-
dcterms.DCMITypeText-
tuhh.identifier.urnurn:nbn:de:gbv:830-882.0100898-
tuhh.oai.showtruede_DE
tuhh.abstract.englishConstant-time implementations are a popular approach for defending against cache-timing attacks. It is necessary to verify the resulting executables of such implementations, because the compiler might introduce timing side-channels during code optimization, leaving the program vulnerable even though the source code has no indication of possible timing side-channels. This thesis proposes a novel approach for formally verifying executables to be constant-time, by developing a type system for scVerif's low-level, assembly-like intermediate language, which features explicit leak statements. The resulting type checker can detect timing side-channels for arbitrary leakage models, including data-dependent instruction timings. However, the implementation needs further work before it can be applied on real world cryptographic implementations. Once a better implementation of the approach exists, it can easily be used for automatic checks of executables for cache-timing side-channels. Users only have to specify the initial secrecy of every variable using easy to use source code comments.de_DE
tuhh.publication.instituteSicherheit in verteilten Anwendungen E-15de_DE
tuhh.identifier.doi10.15480/882.2852-
tuhh.type.opusBachelor Thesis-
tuhh.gvk.hasppnfalse-
tuhh.contributor.refereeGourjon, Marc Olivier-
tuhh.hasurnfalse-
dc.type.driverbachelorThesis-
thesis.grantor.universityOrInstitutionTechnische Universität Hamburgde_DE
thesis.grantor.placeHamburgde_DE
dc.type.casraiSupervised Student Publication-
dc.rights.nationallicensefalsede_DE
local.status.inpressfalsede_DE
item.advisorGNDGollmann, Dieter-
item.creatorGNDFriemann, Jannik-
item.openairecristypehttp://purl.org/coar/resource_type/c_46ec-
item.grantfulltextopen-
item.languageiso639-1en-
item.openairetypeThesis-
item.cerifentitytypePublications-
item.creatorOrcidFriemann, Jannik-
item.fulltextWith Fulltext-
Appears in Collections:Publications with fulltext
Files in This Item:
File Description SizeFormat
Detecting-Timing-Side-Channels-in-Executables.pdfAbschlussarbeit309,84 kBAdobe PDFThumbnail
View/Open
Show simple item record

Page view(s)

133
Last Week
40
Last month
checked on Aug 11, 2020

Download(s)

45
checked on Aug 11, 2020

Google ScholarTM

Check

Note about this record

Export

This item is licensed under a Creative Commons License Creative Commons