Support
Quality
Security
License
Reuse
kandi has reviewed tsunami-security-scanner and discovered the below as its top functions. This is intended to give you an instant insight into tsunami-security-scanner implemented functionality, and help decide if they suit your requirements.
Get all kandi verified functions for this library.
Get all kandi verified functions for this library.
Tsunami is a general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence.
QUESTION
How are code-branch side channel attacks mitigated on Java?
Asked 2022-Mar-10 at 18:18When you are working with secret keys, if your code branches unequally it could reveal bits of the secret keys via side channels. So for some algorithms it should branch uniformly independently of the secret key.
On C/C++/Rust, you can use assembly to be sure that no compiler optimizations will mess with the branching. However, on Java, the situation is difficult. First of all, it does JIT for desktop, and AOT on Android, so there are 2 possibilities for the code to be optimized in an unpredictable way, as JIT and AOT are always changing and can be different for each device. So, how are side channel attacks that take advantage of branching prevented on Java?
ANSWER
Answered 2022-Mar-10 at 18:18When performing side-channel attacks, one of the main ways of doing these are to read the power-consumption of the chip using differential power analysis (DPA). When you have a branch in a code, such as an if statement, this can adversely affect the power draw in such a way that correlations can be made as to which choices are being made. To thwart this analysis, it would be in your interest to have a "linear" power consumption. This can do some degree be mitigated by code, but would ultimately depend upon the device itself. According Brennan et.al [1], some chose to tackle the java JIT issue by caching instructions. In code, the "best" you could do would be to program using canaries, in order to confuse an attacker, as proposed by Brennan et.al [2], and demonstrated in the following (very simplified) example code:
public bool check(String guess) {
for(int i=0; i<guess.len; i++)
return false;
}
return true;
}
versus;
public bool check(String guess) {
bool flag=true, fakeFlag=true;
for(int i=0; i<guess.len; i++) {
if (guess[i] != password[i])
flag=false;
else
fakeFlag = false:
}
return flag;
}
}
[1]: T. Brennan, "Detection and Mitigation of JIT-Induced Side Channels*," 2020 IEEE/ACM 42nd International Conference on Software Engineering: Companion Proceedings (ICSE-Companion), 2020, pp. 143-145.
[2]: T. Brennan, N. Rosner and T. Bultan, "JIT Leaks: Inducing Timing Side Channels through Just-In-Time Compilation," 2020 IEEE Symposium on Security and Privacy (SP), 2020, pp. 1207-1222, doi: 10.1109/SP40000.2020.00007.
Community Discussions, Code Snippets contain sources that include Stack Exchange Network
No vulnerabilities reported
Find more information at:
Save this library and start creating your kit
See Similar Libraries in
Save this library and start creating your kit
Open Weaver – Develop Applications Faster with Open Source