eprint.iacr.org will be offline for approximately an hour for routine maintenance at 11pm UTC on Tuesday, April 16. We lost some data between April 12 and April 14, and some authors have been notified that they need to resubmit their papers.

Paper 2021/591

Automated Detection of Side Channels in Cryptographic Protocols: DROWN the ROBOTs!

Jan Peter Drees, Pritha Gupta, Eyke Hüllermeier, Tibor Jager, Alexander Konze, Claudia Priesterjahn, Arunselvan Ramaswamy, and Juraj Somorovsky

Abstract

Currently most practical attacks on cryptographic protocols like TLS are based on side channels, such as padding oracles. Some well-known recent examples are DROWN, ROBOT and Raccoon (USENIX Security 2016, 2018, 2021). Such attacks are usually found by careful and time-consuming manual analysis by specialists. In this paper, we consider the question of how such attacks can be systematically detected and prevented before (large-scale) deployment. We propose a new, fully automated approach, which uses supervised learning to identify arbitrary patterns in network protocol traffic. In contrast to classical scanners, which search for known side channels, the detection of general patterns might detect new side channels, even “unexpected” ones, such as those from the ROBOT attack. To analyze this approach, we develop a tool to detect Bleichenbacher-like padding oracles in TLS server implementations, based on an ensemble of machine learning algorithms. We verify that the approach indeed detects known vulnerabilities successfully and reliably. The tool also provides detailed information about detected patterns to developers, to assist in removing a potential padding oracle. Due to the automation, the approach scales much better than manual analysis and could even be integrated with a CI/CD pipeline of a development environment, for example.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Preprint. MINOR revision.
Keywords
Bleichenbachermachine learningside channelTLS
Contact author(s)
jan drees @ uni-wuppertal de
pritha gupta @ uni-paderborn de
tibor jager @ uni-wuppertal de
History
2021-05-10: received
Short URL
https://ia.cr/2021/591
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2021/591,
      author = {Jan Peter Drees and Pritha Gupta and Eyke Hüllermeier and Tibor Jager and Alexander Konze and Claudia Priesterjahn and Arunselvan Ramaswamy and Juraj Somorovsky},
      title = {Automated Detection of Side Channels in Cryptographic Protocols: DROWN the ROBOTs!},
      howpublished = {Cryptology ePrint Archive, Paper 2021/591},
      year = {2021},
      note = {\url{https://eprint.iacr.org/2021/591}},
      url = {https://eprint.iacr.org/2021/591}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.