Metadata
| Year | - |
|---|---|
| Target | Binary |
| Technique | Dynamic |
| Guarantees | sound with restrictions |
| Available | yes |
| Website | https://www.post-apocalyptic-crypto.org/timecop/ |
| Paper1 | Automated dynamic analysis for timing side-channels (blog) |
| Tutorial | yes |
Description
The TIMECOP tool is a tool that uses Valgrind’s memcheck client requests VALGRIND_MAKE_MEM_{UN}DEFINED to essentially implement a method like ctgrind. It is a part of the SUPERCOP toolkit (System for Unified Performance Evaluation Related to Cryptographic Operations and Primitives) and is used to evaluate the constant-time properties of implementations in SUPERCOP.
Abstract
Even though modern CPUs and operating systems have various methods to separate processes from one another, some side-channels can remain that allow attackers to extract information across process, CPU 5, or even network boundaries 3.
One such side-channel can open up when the execution time of a piece of code depends on secret data. This class of vulnerabilities has been used succesfully in the past to extract encryption keys from AES, private keys from RSA, and other kinds of attacks.
Timing side-channels can be hard to spot in the wild, but they can be detected automatically to some degree with dynamic analysis. TIMECOP applies this analysis to the SUPERCOP benchmarking suite, covering over 2,700 implementations of cryptographic algorithms. The results are presented.