Towards Cycle-Level Verification of Constant-Time Cryptography

• dc.contributor.advisor: Athalye, Anish
• dc.contributor.advisor: Zeldovich, Nickolai
• dc.contributor.author: Xu, Jessica Y.
• dc.date.issued: 2024-05
• dc.date.submitted: 2024-07-11T14:36:07.766Z
• dc.identifier.uri: https://hdl.handle.net/1721.1/156566
• dc.description.abstract: Cryptographic primitives–hash functions, symmetric key encryption algorithms, asymmetric key exchange algorithms, and more–are used everywhere to achieve security in modern computing. Since these algorithms have complicated, math-heavy implementations, they are typically used through cryptographic library functions. However, many timing side-channel attacks, which leak information when execution time depends on secrets, have been found in popular cryptographic libraries, such as OpenSSL. Formal verification aims to rule out timing side channels in cryptographic software. This thesis presents Quake, a framework for verifying cryptographic library functions are constant-time for a specific hardware implementation, regardless of where the code is located in memory. Quake represents the location of code in memory using symbolic addresses and introduces a ROM model that gets concrete memory data from symbolic addresses. This thesis evaluates Quake and demonstrates that it can detect address-dependent timing behavior and does so in a reasonable amount of time.
• dc.publisher: Massachusetts Institute of Technology
• dc.type: Thesis
• dc.description.degree: M.Eng.
• dc.contributor.department: Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science
• mit.thesis.degree: Master
• thesis.degree.name: Master of Engineering in Electrical Engineering and Computer Science