2025-03-06

Do Compilers Break Constant-time Guarantees?

Abstract

Side-channel attacks are a significant concern for the implementation of cryptographic algorithms. Data-oblivious programming is a discipline that helps mitigate side-channel attacks by preventing data leakage over side channels. However, due to various optimizations in modern compilers, data-obliviousness cannot be guaranteed in high-level languages. This work investigates to which extent compiler optimizations violate data-obliviousness. To this end, we present the data-oblivious compiler checker (DOCC), an automated binary testing pipeline for detecting data-obliviousness violations under different compiler configurations. We show that DOCC is applicable across 6 widely used compilers. Additionally, DOCC can retrofit existing analysis tools with advanced leakage models, such as data-dependent instruction execution times and data-obliviousness under speculation. We evaluate DOCC on 5 major cryptographic libraries and the recently proposed NIST lightweight cryptography primitives. We reveal data-obliviousness violations in 93 out of the 127 tested algorithms and 1845 out of the 12 917 test cases across different cryptographic libraries, building blocks, and programming languages. We demonstrate that the choice of compiler and optimizations heavily influences the resulting binary’s properties.
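To make the abstract's subject concrete, here is an added illustration (not code from the paper or from DOCC) of the data-oblivious programming discipline it refers to: a leaky byte comparison beside mask-based, branch-free primitives. The source-level property shown here is exactly what a compiler may or may not preserve in the binary, which is the gap DOCC measures.

```c
#include <stdint.h>
#include <stddef.h>

/* Illustrative data-oblivious (constant-time) helpers, not from the paper
 * or DOCC. The source has no secret-dependent branch or memory index;
 * an optimizer may still lower the mask arithmetic back into a conditional
 * jump, which is the kind of violation a binary-level checker looks for. */

/* All-ones mask if x != 0, zero otherwise, computed without branching. */
static inline uint64_t ct_mask_nonzero(uint64_t x) {
    /* the top bit of (x | -x) is set exactly when x != 0 */
    return (uint64_t)0 - ((x | ((uint64_t)0 - x)) >> 63);
}

/* Returns a if mask is all ones, b if mask is zero (mask must be 0 or ~0). */
static inline uint64_t ct_select(uint64_t mask, uint64_t a, uint64_t b) {
    return (a & mask) | (b & ~mask);
}

/* Leaky reference: returns at the first differing byte, so its running
 * time reveals the length of the matching prefix (a timing side channel). */
int leaky_memeq(const uint8_t *a, const uint8_t *b, size_t n) {
    for (size_t i = 0; i < n; i++) {
        if (a[i] != b[i]) return 0;
    }
    return 1;
}

/* Data-oblivious comparison: always touches all n bytes and folds the
 * differences into one accumulator; returns 1 if equal, 0 otherwise. */
int ct_memeq(const uint8_t *a, const uint8_t *b, size_t n) {
    uint64_t acc = 0;
    for (size_t i = 0; i < n; i++) {
        acc |= (uint64_t)(a[i] ^ b[i]);
    }
    /* equal iff no difference bit was set */
    return (int)ct_select(ct_mask_nonzero(acc), 0, 1);
}

/* Data-oblivious conditional swap (the primitive behind constant-time
 * scalar-multiplication ladders): swaps *x and *y when flag == 1. */
void ct_cswap(uint64_t *x, uint64_t *y, uint64_t flag) {
    uint64_t mask = ct_mask_nonzero(flag);
    uint64_t t = (*x ^ *y) & mask;
    *x ^= t;
    *y ^= t;
}

/* Helper that returns the post-swap value of x, so the swap is easy to check. */
uint64_t ct_cswap_first(uint64_t x, uint64_t y, uint64_t flag) { ct_cswap(&x, &y, flag); return x; }
```

Compiling this at different optimization levels and inspecting the disassembly of ct_memeq and ct_cswap for conditional jumps is the manual version of the check the paper automates.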

Conference paper

Financial Cryptography and Data Security (FC)

Publication date

2025-03-06

Last modified

2025-03-07