Search Results

Documents authored by Knothe, David

Artifact
Software
DOI: 10.4230/artifacts.24776
CompCert+PCFL

Authors: David Knothe

Abstract
Cite as

Copy BibTex To Clipboard

@misc{dagpub-supp--paper-23340-urlgithub.com-knothed-CompCert-ct,
   title = {{CompCert+PCFL}}, 
   author = {Knothe, David},
   note = {Software, swhId: \href{https://archive.softwareheritage.org/swh:1:dir:521e7528bd5a40751111337e04cc57d469e0dd6b;origin=https://github.com/knothed/CompCert-ct;visit=swh:1:snp:9160a96825d7e1ecdfe276dc8033660174b771c6;anchor=swh:1:rev:2d1369a4888cff6fd5fd29f28a059e9cf72b1a08}{\texttt{swh:1:dir:521e7528bd5a40751111337e04cc57d469e0dd6b}} (visited on 2025-09-22)},
   url = {https://github.com/knothed/CompCert-ct},
}
Document
DOI: 10.4230/LIPIcs.ITP.2025.31
On Verifying Secret Control Flow Elimination

Authors: David Knothe and Oliver Bringmann

Published in: LIPIcs, Volume 352, 16th International Conference on Interactive Theorem Proving (ITP 2025)

Abstract
Many countermeasures against timing side-channel attacks have been developed in recent years, including tools to verify that code or a binary is constant-time, compilers or languages that compile into constant-time code, and a formal verification of a compiler that retains the constant-time property. We take a first step toward formally verifying a C compiler that eliminates control-flow-induced timing side channels. Specifically, we extend CompCert with Partial Control-Flow Linearization (PCFL) [Simon Moll and Sebastian Hack, 2018], a global if-conversion algorithm that was repurposed by Soares et al. [Luigi Soares et al., 2023] for removing timing side channels. Our transformation is split into multiple steps, separating linearization from instruction predication. One of the intermediate states contains the current program points before and after linearization simultaneously and we exploit a postdominance relation between those to show semantic preservation. We give a new proof that PCFL leaves uniform program points untouched and use it to show that our transformation correctly eliminates all secret control flow. Although our transformation currently only supports a subset of C, making it unsuitable for use in production, it gives an insight into how a global graph-based linearization technique like PCFL can be verified in CompCert and thereby shows the challenges and obstacles of this undertaking.
Cite as

David Knothe and Oliver Bringmann. On Verifying Secret Control Flow Elimination. In 16th International Conference on Interactive Theorem Proving (ITP 2025). Leibniz International Proceedings in Informatics (LIPIcs), Volume 352, pp. 31:1-31:19, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2025)

Copy BibTex To Clipboard

@InProceedings{knothe_et_al:LIPIcs.ITP.2025.31,
  author =	{Knothe, David and Bringmann, Oliver},
  title =	{{On Verifying Secret Control Flow Elimination}},
  booktitle =	{16th International Conference on Interactive Theorem Proving (ITP 2025)},
  pages =	{31:1--31:19},
  series =	{Leibniz International Proceedings in Informatics (LIPIcs)},
  ISBN =	{978-3-95977-396-6},
  ISSN =	{1868-8969},
  year =	{2025},
  volume =	{352},
  editor =	{Forster, Yannick and Keller, Chantal},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops.dagstuhl.de/entities/document/10.4230/LIPIcs.ITP.2025.31},
  URN =		{urn:nbn:de:0030-drops-246299},
  doi =		{10.4230/LIPIcs.ITP.2025.31},
  annote =	{Keywords: CompCert, small-step, linearization, side-channels, constant-time, verification, security, taint analysis}
}
Questions / Remarks / Feedback
X

Feedback for Dagstuhl Publishing


Thanks for your feedback!

Feedback submitted

Could not send message

Please try again later or send an E-mail
© 2023-2025 Schloss Dagstuhl – LZI GmbH About DROPS Imprint Privacy Contact