Automatic and Incremental Repair for Speculative Information Leaks
Abstract
We present CureSpec, the first model-checking based framework for automatic repair of programs with respect to information leaks in the presence of side-channels and speculative execution. CureSpec is based on formal models of attacker capabilities, including observable side channels, inspired by the Spectre attacks. For a given attacker model, CureSpec is able to either prove that the program is secure, or detect potential side-channel vulnerabilities and automatically insert mitigations such that the resulting code is provably secure. Moreover, CureSpec can provide a certificate for the security of the program that can be independently checked. We have implemented CureSpec in the SeaHorn framework and show that it can effectively repair security-critical code, for example the AES encryption from the OpenSSL library.
- Publication:
-
arXiv e-prints
- Pub Date:
- May 2023
- DOI:
- 10.48550/arXiv.2305.10092
- arXiv:
- arXiv:2305.10092
- Bibcode:
- 2023arXiv230510092B
- Keywords:
-
- Computer Science - Logic in Computer Science;
- Computer Science - Cryptography and Security
- E-Print:
- 25 pages