Research area: Verification
Conference: 2025 IEEE International Symposium on Hardware Oriented Security and Trust (HOST)
Modern processors employ various micro-architectural optimizations to enhance application performance. While these optimizations significantly improve efficiency, they also introduce micro-architectural side channels that can leak sensitive information. Over the years, numerous hardware and software defenses have been developed to mitigate these vulnerabilities, including data-oblivious programming, randomized caches, and security domain isolation. Systems often combine these techniques to achieve robust security by eliminating observable secret-dependent behavior, a property known as data-obliviousness. However, verifying the effectiveness of these mitigation techniques in protecting security-critical applications, such as cryptographic libraries, remains a significant challenge. In this work, we introduce DOME, a security testing framework designed to detect secret-dependent behavior that could potentially leak sensitive information. DOME is both micro-architecture and software-agnostic, requiring only the ability to manipulate secret values for testing. DOME systematically refines randomly generated secret inputs by analyzing their corresponding PMU (Performance Monitoring Unit) events generated during execution on the system under test. Using unsupervised machine learning algorithms, it identifies pairs of differentiating inputs that produce distinct PMU-based execution traces, revealing secret-dependent behavior and violations of data-obliviousness. If no such inputs are found, DOME concludes that it cannot detect evidence of non-data-oblivious behavior, providing strong confidence in the deployed defenses. To validate DOME, we evaluated it on publicly available cryptographic libraries and data-oblivious benchmarks. Our results demonstrate that DOME is low-effort yet highly effective at identifying non-data-oblivious behaviors. 
It confirmed two previously discovered vulnerabilities and uncovered four new vulnerabilities in the latest version of Libgcrypt, impac...
| Publication year | 2025 |
|---|---|
| Citations | 49 |
| Country of publication | Andorra |
| Site | IEEE |
| Likes | 0 |