Paper 2019/366

Triggerflow: Regression Testing by Advanced Execution Path Inspection

Iaroslav Gridin, Cesar Pereida García, Nicola Tuveri, and Billy Bob Brumley

Abstract

Cryptographic libraries often feature multiple implementations of primitives to meet both the security needs of handling private information and the performance requirements of modern services when the handled information is public. OpenSSL, the de-facto standard free and open source cryptographic library, includes mechanisms to differentiate the confidential data and its control flow, including runtime flags, designed for hardening against timing side-channels, but repeatedly accidentally mishandled in the past. To analyze and prevent these accidents, we introduce Triggerflow, a tool for tracking execution paths that, assisted by source annotations, dynamically analyzes the binary through the debugger. We validate this approach with case studies demonstrating how adopting our method in the development pipeline would have promptly detected such accidents. We further show-case the value of the tooling by presenting two novel discoveries facilitated by Triggerflow: one leak and one defect.

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Preprint. MINOR revision.
Keywords
software testingregression testingcontinuous integrationdynamic program analysisapplied cryptographyside-channel analysisOpenSSL
Contact author(s)
iaroslav gridin @ tuni fi
billy brumley @ tuni fi
History
2019-04-25: revised
2019-04-11: received
See all versions
Short URL
https://ia.cr/2019/366
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2019/366,
      author = {Iaroslav Gridin and Cesar Pereida García and Nicola Tuveri and Billy Bob Brumley},
      title = {Triggerflow: Regression Testing by Advanced Execution Path Inspection},
      howpublished = {Cryptology {ePrint} Archive, Paper 2019/366},
      year = {2019},
      url = {https://eprint.iacr.org/2019/366}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.