The system assesses the potential vulnerability of a given security scheme to subversion by attackers aiming to pilfer confidential information.
A knowledgeable hacker can procure sensitive data, like passwords, by observing the behavior of a computer program, such as the time it spends accessing the computer’s memory.
Security methodologies that completely thwart these “side-channel attacks” often demand extensive computational resources, making them impractical for numerous real-world systems. Consequently, engineers frequently employ obfuscation schemes that aim to restrict, rather than eliminate, an attacker’s capacity to glean confidential information.
To enhance the understanding of various obfuscation schemes’ effectiveness, researchers at MIT have developed a framework, named Metior, for quantitatively evaluating the information leakage from a victim program with an obfuscation scheme in place.
Metior enables users to scrutinize how diverse victim programs, attacker strategies, and configurations of obfuscation schemes impact the amount of leaked sensitive information. This framework proves valuable for microprocessor developers assessing multiple security schemes and determining the most promising architecture early in the chip design process.
Peter Deutsch, a graduate student and lead author of an open-access paper on Metior, notes, “Metior helps us recognize that we shouldn’t look at these security schemes in isolation… Looking at things from a higher level gives us a more holistic picture of what is actually going on.”
While various obfuscation schemes exist, common approaches often introduce randomization to the victim’s behavior to complicate an attacker’s ability to discern secrets. Metior aims to provide a unified model applicable to any obfuscation scheme, mapping the flow of information through the scheme into random variables using mathematical formulations.
Through case studies, the researchers applied Metior to compare attack strategies and analyze information leakage from cutting-edge obfuscation schemes. The framework unveiled previously misunderstood behaviors, challenging assumptions about the efficacy of certain side-channel attacks, and providing valuable insights into strategies for defending against information leaks.
