A hybrid approach to formal verification of higher-order masked arithmetic programs

Gao, P. and Xie, H. and Song, F. and Chen, Taolue (2021) A hybrid approach to formal verification of higher-order masked arithmetic programs. ACM Transactions on Software Engineering and Methodology 30 (3), 26:1-26:42.

Abstract

Side-channel attacks, which are capable of breaking secrecy via side-channel information, pose a growing threat to the implementation of cryptographic algorithms. Masking is an effective countermeasure against side-channel attacks by removing the statistical dependence between secrecy and power consumption via randomization. However, designing efficient and effective masked implementations turns out to be an error-prone task. Current techniques for verifying whether masked programs are secure are limited in their applicability and accuracy, especially when they are applied. To bridge this gap, in this article, we first propose a sound type system, equipped with an efficient type inference algorithm, for verifying masked arithmetic programs against higher-order attacks. We then give novel model-counting-based and pattern-matching-based methods that are able to precisely determine whether the potential leaky observable sets detected by the type system are genuine or simply spurious. We evaluate our approach on various implementations of arithmetic cryptographic programs. The experiments confirm that our approach outperforms the state-of-the-art baselines in terms of applicability, accuracy, and efficiency.

Metadata

Statistics

DownloadsShow export options

Export as XMLJSONCSV

Activity Overview

6 month trend

53Downloads

6 month trend

95Hits

Additional statistics are available via IRStats2.

Archive Staff Only (login required)

Edit/View Item