Table of Contents
Fetching ...

SILENT: A New Lens on Statistics in Software Timing Side Channels

Martin Dunsche, Patrick Bastian, Marcel Maehren, Nurullah Erinola, Robert Merget, Nicolai Bissantz, Holger Dette, Jörg Schwenk

TL;DR

This work targets the reliability gap in timing-side-channel analysis by introducing SILENT, a non-parametric, dependency-aware framework that provides strong statistical guarantees for timing measurements. It replaces exact-distribution tests with a Δ-negligibility approach and a bootstrap-based, quantile-focused max-test that handles dependent data and discrete measurements, enabling accurate control of false positives while delivering practical power analyses. The methodology yields actionable guidance for sample-size planning, tolerates negligible leaks per attacker models, and applies to real cryptographic and web contexts, with open-source tooling and artifacts. Collectively, SILENT enhances the adoption of timing-measurement validation in secure software development by delivering robust, interpretable, and configurable guarantees across realistic measurement environments.

Abstract

Cryptographic research takes software timing side channels seriously. Approaches to mitigate them include constant-time coding and techniques to enforce such practices. However, recent attacks like Meltdown [42], Spectre [37], and Hertzbleed [70] have challenged our understanding of what it means for code to execute in constant time on modern CPUs. To ensure that assumptions on the underlying hardware are correct and to create a complete feedback loop, developers should also perform \emph{timing measurements} as a final validation step to ensure the absence of exploitable side channels. Unfortunately, as highlighted by a recent study by Jancar et al. [30], developers often avoid measurements due to the perceived unreliability of the statistical analysis and its guarantees. In this work, we combat the view that statistical techniques only provide weak guarantees by introducing a new algorithm for the analysis of timing measurements with strong, formal statistical guarantees, giving developers a reliable analysis tool. Specifically, our algorithm (1) is non-parametric, making minimal assumptions about the underlying distribution and thus overcoming limitations of classical tests like the t-test, (2) handles unknown data dependencies in measurements, (3) can estimate in advance how many samples are needed to detect a leak of a given size, and (4) allows the definition of a negligible leak threshold $Δ$, ensuring that acceptable non-exploitable leaks do not trigger false positives, without compromising statistical soundness. We demonstrate the necessity, effectiveness, and benefits of our approach on both synthetic benchmarks and real-world applications.

SILENT: A New Lens on Statistics in Software Timing Side Channels

TL;DR

This work targets the reliability gap in timing-side-channel analysis by introducing SILENT, a non-parametric, dependency-aware framework that provides strong statistical guarantees for timing measurements. It replaces exact-distribution tests with a Δ-negligibility approach and a bootstrap-based, quantile-focused max-test that handles dependent data and discrete measurements, enabling accurate control of false positives while delivering practical power analyses. The methodology yields actionable guidance for sample-size planning, tolerates negligible leaks per attacker models, and applies to real cryptographic and web contexts, with open-source tooling and artifacts. Collectively, SILENT enhances the adoption of timing-measurement validation in secure software development by delivering robust, interpretable, and configurable guarantees across realistic measurement environments.

Abstract

Cryptographic research takes software timing side channels seriously. Approaches to mitigate them include constant-time coding and techniques to enforce such practices. However, recent attacks like Meltdown [42], Spectre [37], and Hertzbleed [70] have challenged our understanding of what it means for code to execute in constant time on modern CPUs. To ensure that assumptions on the underlying hardware are correct and to create a complete feedback loop, developers should also perform \emph{timing measurements} as a final validation step to ensure the absence of exploitable side channels. Unfortunately, as highlighted by a recent study by Jancar et al. [30], developers often avoid measurements due to the perceived unreliability of the statistical analysis and its guarantees. In this work, we combat the view that statistical techniques only provide weak guarantees by introducing a new algorithm for the analysis of timing measurements with strong, formal statistical guarantees, giving developers a reliable analysis tool. Specifically, our algorithm (1) is non-parametric, making minimal assumptions about the underlying distribution and thus overcoming limitations of classical tests like the t-test, (2) handles unknown data dependencies in measurements, (3) can estimate in advance how many samples are needed to detect a leak of a given size, and (4) allows the definition of a negligible leak threshold , ensuring that acceptable non-exploitable leaks do not trigger false positives, without compromising statistical soundness. We demonstrate the necessity, effectiveness, and benefits of our approach on both synthetic benchmarks and real-world applications.
Paper Structure (67 sections, 3 theorems, 30 equations, 2 figures, 3 tables, 4 algorithms)

This paper contains 67 sections, 3 theorems, 30 equations, 2 figures, 3 tables, 4 algorithms.

Key Result

Theorem 1

Assume that Assumption Assumptions holds and $X$ and $Y$ are continuous random variables with densities $f_X,$ and $f_Y$, which are strictly positive and continuous in a neighborhood of all points $k \in K$. Furthermore let $\mathbb{G}=(\mathbb{G}_1,\mathbb{G}_2)$ denote a bivariate Brownian bridge If the null hypotheses eq:null_hyp is satisfied, the weak convergence holds, where the right hand

Figures (2)

  • Figure 1: Empirical rejection rates of $1,000$ simulation runs for various tools with sample size $n=10000$. For , and we set $\alpha=0.1$, while for we kept the default threshold, which yields a very conservative $\alpha$.
  • Figure 2: Rejection rate heatmaps for under varying sample size and $\Delta$.

Theorems & Definitions (6)

  • Theorem 1: Asymptotic behavior
  • Theorem 2: Bootstrap Guarantee
  • Theorem 3: Bootstrap Guarantee
  • proof
  • proof
  • proof