Vivienne: Relational Verification of Cryptographic Implementations in WebAssembly
Main authors: | , , |
---|---|
Format: | Article |
Language: | eng |
Subjects: | |
Summary: | This paper explores the use of relational symbolic execution to counter
timing side channels in WebAssembly programs. We design and implement Vivienne,
an open-source tool to automatically analyze WebAssembly cryptographic
libraries for constant-time violations. Our approach features various
optimizations that leverage the structure of WebAssembly and automated theorem
provers, including support for loops via relational invariants. We evaluate
Vivienne on 57 real-world cryptographic implementations, including a previously
unverified implementation of the HACL* library in WebAssembly. The results
indicate that Vivienne is a practical solution for constant-time analysis of
cryptographic libraries in WebAssembly. |
---|---|
DOI: | 10.48550/arxiv.2109.01386 |