Netinfo Security ›› 2022, Vol. 22 ›› Issue (4): 7-19.doi: 10.3969/j.issn.1671-1122.2022.04.002

Previous Articles     Next Articles

Study on Static Detection of Timing Side Channel for RISC-V Architecture

TANG Ming1,2, LI Cong1,2(), LI Yongbo1,2, YUE Tianyu3   

  1. 1. School of Cyber Science and Engineering, Wuhan University, Wuhan 430064, China
    2. Key Laboratory of Aerospace Information Security and Trusted Computing of Ministry of Education, Wuhan University, Wuhan 430064, China
    3. School of Cyber Science and Technology, Beihang University, Beijing 100191, China
  • Received:2021-12-28 Online:2022-04-10 Published:2022-05-12
  • Contact: LI Cong E-mail:licong.whu@foxmail.com

Abstract:

Timing side channel attacks pose a serious threat to software confidentiality for the open source RISC-V architecture, but there is currently lack of research on static analysis of timing side channel leakage on the RISC-V architecture. This paper evaluated the scope of application, advantages and disadvantages of common static analysis methods for timing side channel leakage, optimized the analysis algorithms according to the characteristics of RISC-V assembly language, and implemented a combined information flow analysis method for the 64-bit general instruction set of RISC-V RV64G and a temporal side-channel analysis model that simplified symbolic execution theory. This paper tests the implementation of AES, RSA and also other cryptographic algorithms of the general open source network communication cryptographic library OpenSSL and NaCl. The test results show that compared with the existing analysis tool that has the highest accuracy rate, the model in this paper approximately improved the accuracy by 17% and reduced the false negative rate by 22% under the same test vector, which improved the analysis speed and alleviated the path explosion problem to a certain extent, providing a reference for the design of side-channel analysis tools on RISC-V architecture.

Key words: timing side channel, static detection, RISC-V architecture, cryptographic algorithm

CLC Number: