Search engine for discovering works of Art, research articles, and books related to Art and Culture
Javascript must be enabled to continue!
Robust Constant-Time Cryptography
View through CrossRef
Cryptographic library developers take care to ensure their library does not leak secrets even when there are (inevitably) exploitable vulnerabilities in the applications the library is linked against. To do so, they choose some class of application vulnerabilities to defend against and hardcode protections against those vulnerabilities in the library code. A single set of choices is a poor fit for all contexts: a chosen protection could impose unnecessary overheads in contexts where those attacks are impossible, and an ignored protection could render the library insecure in contexts where the attack is feasible.
We introduce RoboCop, a new methodology and toolchain for building secure and efficient applications from cryptographic libraries, via four contributions. First, we present an operational semantics that describes the behavior of a (cryptographic) library executing in the context of a potentially vulnerable application so that we can precisely specify what different attackers can observe. Second, we use our semantics to define a novel security property, Robust Constant Time (RCT), that defines when a cryptographic library is secure in the context of a vulnerable application. Crucially, our definition is parameterized by an attacker model, allowing us to factor out the classes of attackers that a library may wish to secure against. This refactoring yields our third contribution: a compiler that can synthesize bespoke cryptographic libraries with security tailored to the specific application context against which the library will be linked, guaranteeing that the library is RCT in that context. Finally, we present an empirical evaluation that shows the RoboCop compiler can automatically generate code to efficiently protect a wide range (over 500) of cryptographic library primitives against three classes of attacks: read gadgets (due to application memory safety vulnerabilities), speculative read gadgets (due to application speculative execution vulnerabilities), and concurrent observations (due to application threads), with performance overhead generally under 2% for protections from read gadgets and under 4% for protections from speculative read gadgets, thus freeing library developers from making one-size-fits-all choices between security and performance.
Association for Computing Machinery (ACM)
Title: Robust Constant-Time Cryptography
Description:
Cryptographic library developers take care to ensure their library does not leak secrets even when there are (inevitably) exploitable vulnerabilities in the applications the library is linked against.
To do so, they choose some class of application vulnerabilities to defend against and hardcode protections against those vulnerabilities in the library code.
A single set of choices is a poor fit for all contexts: a chosen protection could impose unnecessary overheads in contexts where those attacks are impossible, and an ignored protection could render the library insecure in contexts where the attack is feasible.
We introduce RoboCop, a new methodology and toolchain for building secure and efficient applications from cryptographic libraries, via four contributions.
First, we present an operational semantics that describes the behavior of a (cryptographic) library executing in the context of a potentially vulnerable application so that we can precisely specify what different attackers can observe.
Second, we use our semantics to define a novel security property, Robust Constant Time (RCT), that defines when a cryptographic library is secure in the context of a vulnerable application.
Crucially, our definition is parameterized by an attacker model, allowing us to factor out the classes of attackers that a library may wish to secure against.
This refactoring yields our third contribution: a compiler that can synthesize bespoke cryptographic libraries with security tailored to the specific application context against which the library will be linked, guaranteeing that the library is RCT in that context.
Finally, we present an empirical evaluation that shows the RoboCop compiler can automatically generate code to efficiently protect a wide range (over 500) of cryptographic library primitives against three classes of attacks: read gadgets (due to application memory safety vulnerabilities), speculative read gadgets (due to application speculative execution vulnerabilities), and concurrent observations (due to application threads), with performance overhead generally under 2% for protections from read gadgets and under 4% for protections from speculative read gadgets, thus freeing library developers from making one-size-fits-all choices between security and performance.
Related Results
Comparative book review: Cryptography: An Introduction by V. V. Yaschenko (American Mathematical Society, 2002); Cryptanalysis of Number Theoretic Ciphers by S.S. Wagstaff, Jr. (Chapman & Hall/CRC Press, 2003); RSA and Public-Key Cryptography by R. A.
Comparative book review: Cryptography: An Introduction by V. V. Yaschenko (American Mathematical Society, 2002); Cryptanalysis of Number Theoretic Ciphers by S.S. Wagstaff, Jr. (Chapman & Hall/CRC Press, 2003); RSA and Public-Key Cryptography by R. A.
With the growing interest in cryptography --- from students and
researchers as well as from the general public --- there has been a
corresponding increase in the number of cryptogr...
A Survey about Post Quantum Cryptography Methods
A Survey about Post Quantum Cryptography Methods
Cryptography is an art of hiding the significant data or information with some other codes. It is a practice and study of securing information and communication. Thus, cryptography...
PERANCANGAN WEB EDUKASI KRIPTOGRAFI DASAR
PERANCANGAN WEB EDUKASI KRIPTOGRAFI DASAR
<p><em>Cryptography is a science or art that is useful for maintaining the confidentiality of letters by converting messages into forms that are no longer understood (S...
Quantum Cryptography Key Distribution
Quantum Cryptography Key Distribution
Quantum cryptography is actions to protect transactions through executing the circumstance of quantum physics. Up-to-the-minute cryptography builds security over the primitive abil...
Quantum cryptography for secured communication networks
Quantum cryptography for secured communication networks
Quantum cryptography is a method for accessing data with the cryptosystem more efficiently. The network security and the cryptography are the two major properties in securing the d...
Code-based Post-Quantum Cryptography
Code-based Post-Quantum Cryptography
Cryptography has been used from time immemorial for preserving the confidentiality of data/information in storage or in transit. Thus, cryptography research has also been evolving ...
An Emphasis on Quantum Cryptography and Quantum Key Distribution
An Emphasis on Quantum Cryptography and Quantum Key Distribution
The application of internet has spiked up in the present-day scenario, as the exchange of information made between two parties happens in public environment. Hence privacy of infor...
QUANTUM CRYPTOGRAPHY AND U.S. DIGITAL SECURITY: A COMPREHENSIVE REVIEW: INVESTIGATING THE POTENTIAL OF QUANTUM TECHNOLOGIES IN CREATING UNBREAKABLE ENCRYPTION AND THEIR FUTURE IN NATIONAL SECURITY
QUANTUM CRYPTOGRAPHY AND U.S. DIGITAL SECURITY: A COMPREHENSIVE REVIEW: INVESTIGATING THE POTENTIAL OF QUANTUM TECHNOLOGIES IN CREATING UNBREAKABLE ENCRYPTION AND THEIR FUTURE IN NATIONAL SECURITY
This study provides a comprehensive review of quantum cryptography and its implications for U.S. national security in the face of emerging quantum technologies. The primary objecti...