tacet 0.4.2

Detect timing side channels in cryptographic code
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75

//! Example: XOR constant-time test.
//!
//! XOR operations should be constant-time - this test verifies
//! that no timing leak is detected with adaptive batching.

use std::time::Duration;
use tacet::helpers::InputPair;
use tacet::{AttackerModel, Outcome, TimingOracle};

fn main() {
    // Create InputPair for tuples of two arrays
    let inputs = InputPair::new(|| ([0u8; 32], [0u8; 32]), || (rand_bytes(), rand_bytes()));

    println!("Testing XOR operation for timing leaks...");
    let outcome = TimingOracle::for_attacker(AttackerModel::AdjacentNetwork)
        .time_budget(Duration::from_secs(30))
        .test(inputs, |(a, b)| {
            std::hint::black_box(xor_bytes(a, b));
        });

    match outcome {
        Outcome::Pass {
            leak_probability,
            quality,
            diagnostics,
            ..
        } => {
            println!("Result: PASS (expected for XOR)");
            println!("Leak probability: {:.4}%", leak_probability * 100.0);
            println!("Quality: {:?}", quality);
            println!("Timer resolution: {:.1}ns", diagnostics.timer_resolution_ns);
        }
        Outcome::Fail {
            leak_probability,
            exploitability,
            ..
        } => {
            println!("Result: FAIL (unexpected for XOR!)");
            println!("Leak probability: {:.4}%", leak_probability * 100.0);
            println!("Exploitability: {:?}", exploitability);
        }
        Outcome::Inconclusive {
            leak_probability,
            reason,
            ..
        } => {
            println!("Result: INCONCLUSIVE");
            println!("Leak probability: {:.4}%", leak_probability * 100.0);
            println!("Reason: {:?}", reason);
        }
        Outcome::Unmeasurable { recommendation, .. } => {
            println!("Could not measure: {}", recommendation);
        }
        Outcome::Research(research) => {
            println!("Result: RESEARCH MODE");
            println!("Status: {:?}", research.status);
        }
    }
}

fn xor_bytes(a: &[u8; 32], b: &[u8; 32]) -> [u8; 32] {
    let mut result = [0u8; 32];
    for i in 0..32 {
        result[i] = a[i] ^ b[i];
    }
    result
}

fn rand_bytes() -> [u8; 32] {
    let mut arr = [0u8; 32];
    for byte in &mut arr {
        *byte = rand::random();
    }
    arr
}