Flow Tracker

Flow tracker is a tool that detects timing attack vulnerabilities in C/C++ programs that implement cryptographic routines. If the program contains a vulnerability, then Flow Tracker finds one or more (static) traces of instructions that uncover it. A vulnerable trace describes a sequence of data and control dependences from a secret information - e.g., a crypto key, the seed for a random number generator, etc - to a predicate of a branch or to a memory index. This is a problem because the branch normally influences the execution time of the program, and memory indexation may change the execution time of a program due to cache misses. So, if an adversary can measure this time for a given input which he controls, he or she may discover some information about the secret that we want to protect.
Type the code in the box above or select a C/C++ file to upload. ?    

Choose the output:
Standard output.

Type the code in the box above or select a XML file to upload. ?     

Choose the output:
Standard output.
FlowTracker's Tutorial In the news!
Download and Install Video Tutorial
FlowTracker vs Ferrante Contact us
Paper