On Subnormal Floating Point and Abnormal Timing

By Marc Andrysco, David Kohlbrenner Keaton Mowery, Ranjit Jhala, Sorin Lerner, and Hovav Shacham.

In Proceedings of IEEE Security and Privacy (“Oakland”) 2015. IEEE Computer Society, May 2015.

Abstract

We identify a timing channel in the floating point instructions of modern x86 processors: the running time of floating point addition and multiplication instructions can vary by two orders of magnitude depending on their operands. We develop a benchmark measuring the timing variability of floating point operations and report on its results. We use floating point data timing variability to demonstrate practical attacks on the security of the Firefox browser (versions 23 through 27) and the Fuzz differentially private database. Finally, we initiate the study of mitigations to floating point data timing channels with libfixedtimefixedpoint, a new fixed-point, constant-time math library.

Modern floating point standards and implementations are sophisticated, complex, and subtle, a fact that has not been sufficiently recognized by the security community. More work is needed to assess the implications of the use of floating point instructions in security-relevant software.

Material

local copy (PDF).
The libfixedtimefixedpoint code on GitHub.

Reference

@InProceedings{AKMJLS15, author = {Marc Andrysco and David Kohlbrenner and Keaton Mowery and Ranjit Jhala and Sorin Lerner and Hovav Shacham}, title = {On Subnormal Floating Point and Abnormal Timing}, booktitle = {Proceedings of IEEE Security and Privacy (``Oakland'') 2015}, year = 2015, editor = {Lujo Bauer and Vitaly Shmatikov}, month = may, organization = {IEEE Computer Society} }

On Subnormal Floating Point and Abnormal Timing

Abstract

Material

Reference

Navigation: Hovav Shacham // Publications // [AKMJLS15]