Further, we propose a generic source-to-source transformation that produces programs provably secure against control-flow side channel attacks. We implemented this transform for C together with a static checker that conservatively checks x86 assembly for violations of program counter security; our checker allows us to compile with optimizations while retaining assurance the resulting code is secure. We then measured our technique's effect on the performance of binary modular exponentiation and real-world implementations in C of RC5 and IDEA: we found it has a performance overhead of at most 5X and a stack space overhead of at most 2X. Our approach to side channel security is practical, generally applicable, and provably secure against an interesting class of side channel attacks.
Category / Keywords: implementation / side channels, countermeasures, PC-model Publication Info: Short version to appear in ICISC 2005. This is the long version. Date: received 18 Oct 2005, last revised 13 Dec 2005 Contact author: dmolnar at eecs berkeley edu Available format(s): PDF | BibTeX Citation Note: Current posting is a preliminary draft. Comments welcomed. Version: 20051213:104400 (All versions of this report) Short URL: ia.cr/2005/368 Discussion forum: Show discussion | Start new discussion