Verifying and Synthesizing Constant-Resource Implementations with Types
We propose a novel type system for verifying that programs correctly
implement constant-resource behavior. Our type system extends recent work on
automatic amortized resource analysis (AARA), a set of techniques that
automatically derive provable upper bounds on the resource consumption of
programs. We devise new techniques that build on the potential method to
achieve compositionality, precision, and automation.
A strict global requirement that a program always maintains constant resource
usage is too restrictive for most practical applications. It is sufficient to
require that the program's resource behavior remain constant with respect to an
attacker who is only allowed to observe part of the program's state and
behavior. To account for this, our type system incorporates information flow
tracking into its resource analysis. This allows our system to certify programs
that need to violate the constant-time requirement in certain cases, as long as
doing so does not leak confidential information to attackers. We formalize this
guarantee by defining a new notion of resource-aware noninterference, and prove
that our system enforces it.
Finally, we show how our type inference algorithm can be used to synthesize a
constant-time implementation from one that cannot be verified as secure,
effectively repairing insecure programs automatically. We also show how a
second novel AARA system that computes lower bounds on resource usage can be
used to derive quantitative bounds on the amount of information that a program
leaks through its resource use. We implemented each of these systems in
Resource Aware ML, and show that it can be applied to verify constant-time
behavior in a number of applications including encryption and decryption
routines, database queries, and other resource-aware functionality.
Comment: 30, IEEE S&P 201