Detecting Timing Side Channels by Program Analysis

09.04.2015, 15:00 – 16:00

2015/04/09 15:00-16:00

Speaker: Artem Starostin, Alexandra Weber, Xucheng Yin | Location: Mornewegstraße 32 (S4|14), Room 3.1.01, Darmstadt

Organizer: Nina Bindel

Abstract

Timing side-channel attacks constitute a severe threat to the security of computer systems. During such an attack, the attacker exploits timing side-channel vulnerabilities, particular patterns in system's implementation that result in leakage of secret information. Program analysis offers a lot of opportunities for analyzing implementations of software systems. In this talk, we present our program analysis for detection of timing side-channel vulnerabilities in Java programs. We demonstrate how our analysis can be used for detection of vulnerabilities in open-source cryptographic implementations in Java. We speak about opportunities offered by our approach, and discuss how we plan to explore them in CROSSING.

Short Bio

Artem Starostin

Alexandra Weber

Xucheng Yin