Evaluator that detects timing side channels using fixed-vs-random test
Project description
Swarmauri Evaluator Constanttime
Evaluator that detects timing side channels using a fixed-vs-random strategy.
It times a callable with repeated fixed inputs and compares those timings against
randomly generated inputs. Welch's t-test and Cliff's delta are used to decide
whether the observed runtime differences are statistically significant. The
evaluator reports a score of 1.0 for constant-time behaviour and 0.0
otherwise, together with rich metadata about the underlying measurements.
Installation
pip
pip install swarmauri_evaluator_constanttime
Poetry
poetry add swarmauri_evaluator_constanttime
uv
uv venv
source .venv/bin/activate
uv pip install swarmauri_evaluator_constanttime
Usage
The example below evaluates a deliberately leaky string comparison that sleeps for every matching byte. Fixed inputs run all the way through the comparison and take measurably longer than random guesses that fail fast, so the evaluator flags the function as not constant time.
import secrets
import time
from swarmauri_core.programs.IProgram import IProgram
from swarmauri_evaluator_constanttime import ConstantTimeEvaluator
class DummyProgram(IProgram):
def diff(self, other: "IProgram"):
return ()
def apply_diff(self, diff):
return self
def validate(self) -> bool:
return True
def clone(self) -> "IProgram":
return DummyProgram()
def insecure_compare(secret: bytes, guess: bytes) -> bool:
for secret_byte, guess_byte in zip(secret, guess):
if secret_byte != guess_byte:
return False
time.sleep(0.0001)
return len(secret) == len(guess)
def make_input_pair() -> tuple[bytes, bytes]:
return secrets.token_bytes(16), secrets.token_bytes(16)
def main() -> None:
evaluator = ConstantTimeEvaluator()
score, metadata = evaluator._compute_score(
program=DummyProgram(),
fn=insecure_compare,
make_input_pair=make_input_pair,
fixed_pair=(b"A" * 16, b"A" * 16),
n_samples=20,
iters_per=5,
)
print(f"Score: {score:.1f}")
print(f"Constant time? {metadata['constant_time']}")
print(f"t-statistic: {metadata['t_stat']:.2f}")
print(f"Cliff's delta: {metadata['cliff_delta']:.3f}")
assert metadata["constant_time"] is False
if __name__ == "__main__":
main()
Want to help?
If you want to contribute to swarmauri-sdk, read up on our guidelines for contributing that will help you get started.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file swarmauri_evaluator_constanttime-0.3.0.dev33.tar.gz.
File metadata
- Download URL: swarmauri_evaluator_constanttime-0.3.0.dev33.tar.gz
- Upload date:
- Size: 8.5 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.10.3 {"installer":{"name":"uv","version":"0.10.3","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
9a101b1f2f865560d8897bb4aa67155722c5d027433bcb09765e3ebb012e6359
|
|
| MD5 |
c34a58e93c41bcbf7e386d4bcd4c5819
|
|
| BLAKE2b-256 |
78c67970de644a569ff5aeb02c02c8b1ae3cfae59fb892729989fe0ea9d53779
|
File details
Details for the file swarmauri_evaluator_constanttime-0.3.0.dev33-py3-none-any.whl.
File metadata
- Download URL: swarmauri_evaluator_constanttime-0.3.0.dev33-py3-none-any.whl
- Upload date:
- Size: 9.5 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.10.3 {"installer":{"name":"uv","version":"0.10.3","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
324e6079606dbc961ae34f07622b5910dd95fe528abd3bb539cb0c57e9d4c4ae
|
|
| MD5 |
3b57084bd69af34527cdf8f4a4af440d
|
|
| BLAKE2b-256 |
138ebb589494634a93dba08d1497c40b8ad9fd339ca2cc9a2332df728dcd292a
|