TL;DR
Microwalk-CI is a practical framework that enables easy detection and localization of timing side-channel leaks in JavaScript cryptographic code, integrating seamlessly into development workflows.
Contribution
The paper introduces Microwalk-CI, a novel side-channel analysis framework tailored for JavaScript, with new algorithms and trace generation techniques for practical leak detection.
Findings
Identified critical timing leaks in popular JavaScript cryptographic libraries.
Extended dynamic analysis algorithms for efficient leakage localization.
Demonstrated integration of analysis into continuous integration pipelines.
Abstract
Secret-dependent timing behavior in cryptographic implementations has resulted in exploitable vulnerabilities, undermining their security. Over the years, numerous tools to automatically detect timing leakage or even to prove their absence have been proposed. However, a recent study at IEEE S&P 2022 showed that, while many developers are aware of one or more analysis tools, they have major difficulties integrating these into their workflow, as existing tools are tedious to use and mapping discovered leakages to their originating code segments requires expert knowledge. In addition, existing tools focus on compiled languages like C, or analyze binaries, while the industry and open-source community moved to interpreted languages, most notably JavaScript. In this work, we introduce Microwalk-CI, a novel side-channel analysis framework for easy integration into a JavaScript development…
