Expand description
§tacet
Detect timing side channels in cryptographic code.
This crate provides adaptive Bayesian methodology for detecting timing variations between two input classes (baseline vs sample), outputting:
- Posterior probability of timing leak (0.0-1.0)
- Effect size estimates in nanoseconds (shift and tail components)
- Pass/Fail/Inconclusive decisions with bounded FPR
- Exploitability assessment
§Common Pitfall: Side-Effects in Closures
The closures you provide must execute identical code paths. Only the input data should differ - not the operations performed.
ⓘ
// WRONG - Sample closure has extra RNG/allocation overhead
TimingOracle::for_attacker(AttackerModel::AdjacentNetwork).test(
InputPair::new(|| my_op(&[0u8; 32]), || my_op(&rand::random())),
|_| {}, // RNG called during measurement!
);
// CORRECT - Pre-generate inputs, both closures identical
use tacet::{TimingOracle, AttackerModel, helpers::InputPair};
let inputs = InputPair::new(|| [0u8; 32], || rand::random());
TimingOracle::for_attacker(AttackerModel::AdjacentNetwork).test(inputs, |data| {
my_op(data);
});See the helpers module for utilities that make this pattern easier.
§Quick Start
ⓘ
use tacet::{TimingOracle, AttackerModel, helpers::InputPair, Outcome};
// Builder API with InputPair
let inputs = InputPair::new(|| [0u8; 32], || rand::random());
let outcome = TimingOracle::for_attacker(AttackerModel::AdjacentNetwork)
.test(inputs, |data| {
my_function(data);
});
match outcome {
Outcome::Pass { leak_probability, .. } => {
println!("No leak detected: P={:.1}%", leak_probability * 100.0);
}
Outcome::Fail { leak_probability, exploitability, .. } => {
println!("Leak detected: P={:.1}%, {:?}", leak_probability * 100.0, exploitability);
}
Outcome::Inconclusive { reason, .. } => {
println!("Inconclusive: {:?}", reason);
}
Outcome::Unmeasurable { recommendation, .. } => {
println!("Skipping: {}", recommendation);
}
}Re-exports§
pub use measurement::BoxedTimer;pub use measurement::Timer;pub use measurement::TimerError;pub use measurement::TimerSpec;pub use helpers::InputPair;pub use helpers::effect::busy_wait_ns;pub use helpers::effect::global_max_delay_ns;pub use helpers::effect::set_global_max_delay_ns;pub use helpers::effect::timer_backend_name;pub use helpers::effect::using_precise_timer;pub use helpers::effect::BenchmarkEffect;pub use helpers::effect::EffectInjector;
Modules§
- adaptive
- Adaptive sampling module for tacet.
- analysis
- Analysis module for timing leak detection.
- data
- Data loading utilities for pre-collected timing measurements.
- helpers
- Utilities for correct input handling in timing tests.
- measurement
- Measurement infrastructure for timing analysis.
- output
- Output formatting for timing analysis results.
- preflight
- Preflight checks to validate measurement setup before analysis.
- result
- Result types for adaptive Bayesian timing analysis.
- statistics
- Statistical methods for timing analysis.
Macros§
- assert_
constant_ time - Assert that the result indicates constant-time behavior. Panics on Fail or Inconclusive with detailed diagnostic output.
- assert_
leak_ detected - Assert that a timing leak WAS detected (for testing known-leaky code). Panics on Pass with detailed diagnostic output showing why no leak was found.
- assert_
no_ timing_ leak - Assert that no timing leak was detected. Panics only on Fail (lenient - allows Inconclusive and Pass). Includes detailed diagnostic output on failure.
- require_
reliable - Require measurement to be reliable (fail-closed).
- skip_
if_ unreliable - Skip test if measurement is unreliable (fail-open).
- timing_
test - Create a timing test that returns
Outcomefor pattern matching. - timing_
test_ checked - Create a timing test that returns
Outcomefor explicit handling.
Structs§
- Batching
Info - Information about batching configuration used during collection.
- Config
- Configuration options for
TimingOracle. - Diagnostics
- Diagnostic information for debugging and analysis.
- Effect
Estimate - Estimated timing effect with credible interval and top quantiles.
- Metadata
- Metadata for debugging and analysis.
- MinDetectable
Effect - Minimum detectable effect at current noise level.
- Quality
Issue - A specific quality issue detected during measurement.
- Timing
Oracle - Main entry point for adaptive Bayesian timing analysis.
- Timing
Sample - A timing sample with its class label, preserving measurement order.
- TopQuantile
- Information about a quantile with high exceedance probability.
- Unmeasurable
Info - Information about why an operation is unmeasurable.
Enums§
- Attacker
Model - Attacker model determines the minimum effect threshold (θ) for leak detection.
- Class
- Input class identifier for timing measurements.
- Exploitability
- Exploitability assessment based on effect magnitude.
- Inconclusive
Reason - Reason why a timing test result is inconclusive.
- Issue
Code - Issue codes for programmatic handling of quality problems.
- Iterations
PerSample - Configuration for iterations per timing sample.
- Measurement
Quality - Measurement quality assessment based on noise level.
- Outcome
- Top-level outcome of a timing test.
- Unreliable
Policy - Policy for handling unreliable measurements in test assertions.
Constants§
- DECILES
- Decile percentiles for quantile computation.
- LOG_2PI
- Natural log of 2*pi, used in multivariate normal log-pdf computation.
Functions§
- compute_
min_ uniqueness_ ratio - Compute minimum uniqueness ratio for discrete mode detection.
- counter_
frequency_ hz - Returns the detected counter frequency in Hz.
- timer_
resolution_ ns - Returns the timer resolution in nanoseconds.