Security Implications Of Compiler Optimizations On Cryptography -- A Review

TL;DR

This review discusses how compiler optimizations can compromise cryptographic security, examines developer mitigation strategies, and highlights recent academic efforts to enable explicit security requirement communication to compilers.

Contribution

It provides a comprehensive overview of security issues caused by compiler optimizations and reviews approaches to address these challenges, including a study of cryptographic libraries.

Findings

Compiler optimizations can inadvertently introduce security vulnerabilities.

Developers use workarounds to hide code semantics from compilers.

Recent efforts aim to enable explicit security requirement communication.

Abstract

When implementing secure software, developers must ensure certain requirements, such as the erasure of secret data after its use and execution in real time. Such requirements are not explicitly captured by the C language and could potentially be violated by compiler optimizations. As a result, developers typically use indirect methods to hide their code's semantics from the compiler and avoid unwanted optimizations. However, such workarounds are not permanent solutions, as increasingly efficient compiler optimization causes code that was considered secure in the past now vulnerable. This paper is a literature review of (1) the security complications caused by compiler optimizations, (2) approaches used by developers to mitigate optimization problems, and (3) recent academic efforts towards enabling security engineers to communicate implicit security requirements to the compiler. In addition, we present a short study of six cryptographic libraries and how they approach the issue of ensuring security requirements. With this paper, we highlight the need for software developers and compiler designers to work together in order to design efficient systems for writing secure software.