Skip to main content
Conference ProceedingsOPEN ACCESS

Transforming out timing leaks, more or less

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (2015) 9326 447-467
DOI: 10.1007/978-3-319-24174-6_23
24Citations
Citations of this article
27Readers
Mendeley users who have this article in their library.

This article is free to access.

Abstract

We experimentally evaluate program transformations for removing timing side-channel vulnerabilities wrt. security and overhead. Our study of four well-known transformations confirms that their performance overhead differs substantially. A novelty of our work is the empirical investigation of channel bandwidths, which clarifies that the transformations also differ wrt. how much security they add to a program. Interestingly, we observe such differences even between transformations that have been proven to establish timing-sensitive noninterference. Beyond clarification, our findings provide guidance for choosing a suitable transformation for removing timing side-channel vulnerabilities. Such guidance is needed because there is a trade-off between security and overhead, which makes choosing a suitable transformation non-trivial.

Cite

CITATION STYLE

APA

Mantel, H., & Starostin, A. (2015). Transforming out timing leaks, more or less. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 9326, pp. 447–467). Springer Verlag. https://doi.org/10.1007/978-3-319-24174-6_23

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free