Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Mention the valgrind Side Channel Analysis #231

Open
reneme opened this issue Jul 18, 2024 · 0 comments · May be fixed by #255
Open

Mention the valgrind Side Channel Analysis #231

reneme opened this issue Jul 18, 2024 · 0 comments · May be fixed by #255
Labels
testspec
Milestone
Botan 3.6.1

Comments

@reneme
Copy link
Collaborator

reneme commented Jul 18, 2024

The "audit_method" document has a few mentions of the valgrind-based side-channel analysis tests. Especially after randombit/botan#4182 was added, it might be worthwhile to add a description to the testspec. I'd envision the content to go roughly like that:

  • How does the valgrind-based CT checks work?
    • uninitialized memory being marked and tracked by valgrind
    • errors produced when such memory is used in branches or to access memory
  • Limitations of the approach
    • needs explicitly maintained annotations in the implementation
    • does not capture variable-time execution of machine instructions (such as KyberSlash)
  • The CT-selftest in CI:
    • explicitly provoking errors to ensure the valgrind setup as well as the CT::poison helpers work as expected
  • List of algorithms that are annotated
@reneme reneme added this to the Botan 3.6.0 milestone Jul 18, 2024
@reneme reneme linked a pull request Oct 28, 2024 that will close this issue
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
testspec
Projects
None yet
Milestone
Botan 3.6.1
Development

Successfully merging a pull request may close this issue.

Testspec: Valgrind CT::poison() overview sehlen-bsi/botan-docs
1 participant
@reneme