Side Channel Leakage Profiling in Software

Testing cryptographic implementations for side channel leakage is a difficult and important problem. The techniques used to uncover side channel leakage are more involved than the usual methodologies of software testing, for example sometimes involving physical measurements of hardware. As such, it is difficult to work this sort of analysis into the usual software testing process. To this end we have developed the side channel profiler. This is an extensible framework for capturing dynamic execution of cryptographic code and applying side channel analysis regardless of underlying architecture. This tool can be used to selectively emulate different hardware components, or apply other side channel leakage criteria. We also demonstrate how the tool can be used to analyze an implementation of naive square and multiply modular exponentiation.