research-article
Open Access

Automated Software Protection for the Masses Against Side-Channel Attacks

Published: 16 November 2018

Abstract

We present an approach and a tool to answer the need for effective, generic, and easily applicable protections against side-channel attacks. The protection mechanism is based on code polymorphism, so that the observable behaviour of the protected component is variable and unpredictable to the attacker. Our approach combines lightweight specialized runtime code generation with the optimization capabilities of static compilation. It is extensively configurable. Experimental results show that programs secured by our approach present strong security levels and meet the performance requirements of constrained systems.


        • Published in

          ACM Transactions on Architecture and Code Optimization  Volume 15, Issue 4
          December 2018
          706 pages
          ISSN:1544-3566
          EISSN:1544-3973
          DOI:10.1145/3284745

          Copyright © 2018 ACM

          Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

          Publisher

          Association for Computing Machinery

          New York, NY, United States

          Publication History

          • Published: 16 November 2018
          • Accepted: 1 September 2018
          • Revised: 1 July 2018
          • Received: 1 December 2017


          Qualifiers

          • research-article
          • Research
          • Refereed
