A First Step Towards Automatic Application of Power Analysis Countermeasures
Ali Galip Bayrak (EPFL, Switzerland)
and Francesco Regazzoni (UCL and Alari), Philip Brisk (UC Riverside, USA), François-Xavier Standaert (UCL, Belgium), Paolo Ienne (EPFL, Switzerland)
June 7th, 2011
Side-Channel Attacks
Plaintext (e.g., “Encrypt me”)
Secret Key (e.g., “I’m unknown”)
Cryptographic Algorithm
Ciphertext (e.g., “aB14t752s”)
Leakage (power consumption, EM radiation, timing, etc.)
Power Analysis Attacks
Motivation
ATTACK! VS COUNTERMEASURE!
PROBLEM: They are handled manually!!!
Software Implementation
Analyze the algorithm
Determine the weaknesses
Apply the countermeasure
Protected Implementation
Automatic Protection Flow
Step I: Information Leakage Analysis
Main point: Determine the leaking parts of the software!
Figure: Normalized Mutual Information of Key and Leakage
Step II: Transformation Target Identification
Main point: Determine the portions of the implementation that need to be protected!
Global Modifications: Protect all the nodes between two sensitive nodes.
Masking
Local Modifications: Protect each sensitive instruction (peephole optimization).
Random Precharging (used here)
sbci r28,0xfd
ld r25,r28:r29
movw r18,r26
subi r18,0x4f
sbci r19,0xfd
movw r28,r18
ld r30,r28:r29
Step III: Code Transformation
Main point: Apply the given protection on the determined portions of the implementation!
Original code:
sbci r28,0xfd
ld r25,r28:r29
movw r18,r26
subi r18,0x4f
sbci r19,0xfd
movw r28,r18
ld r30,r28:r29
Transformed code:
sbci r28,0xfd
lds r25,rnd
mov r24,r25
ld r25,r28:r29
…
movw r18,r26
subi r18,0x4f
…
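Added example, not code from the slides or the authors' tool: a sketch of Steps II and III for the local case, which takes the line indices flagged as leaking by Step I as given and inserts a random precharge of the destination register before each flagged load. The function name precharge_pass and the flagged indices are assumptions; it emits only the lds precharge and leaves out the slide's extra mov r24,r25, whose purpose the slides do not state.

```python
import re

# Constructed input: the unprotected fragment shown on the slides, in the
# slides' own notation (ld <dest>,<reg>:<reg> loads through a register pair).
UNPROTECTED = [
    "sbci r28,0xfd",
    "ld r25,r28:r29",
    "movw r18,r26",
    "subi r18,0x4f",
    "sbci r19,0xfd",
    "movw r28,r18",
    "ld r30,r28:r29",
]

LOAD = re.compile(r"^\s*ld\s+(r\d+)\s*,\s*(r\d+):(r\d+)\s*$")


def precharge_pass(code, leaking, rnd="rnd"):
    """Steps II and III for the local (peephole) case.

    code    -- list of assembly lines
    leaking -- line indices flagged by Step I (assumed to be given)
    rnd     -- symbol holding a fresh random byte (name taken from the slide)
    Returns (new_code, skipped); skipped lists flagged indices that this
    pass cannot protect and that need another countermeasure.
    """
    out, skipped = [], []
    for i, line in enumerate(code):
        if i in leaking:
            m = LOAD.match(line)
            if m is None:
                skipped.append(i)          # flagged, but not a load
            elif m.group(1) in m.group(2, 3):
                skipped.append(i)          # precharge would corrupt the pointer
            else:
                # The destination is overwritten by the load anyway, so filling
                # it with a random byte first changes no program result.
                out.append(f"lds {m.group(1)},{rnd}")
        out.append(line)
    return out, skipped


if __name__ == "__main__":
    protected, skipped = precharge_pass(UNPROTECTED, {1, 6})
    print("\n".join(protected))
    print("not handled:", skipped)
```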
Experimental Results (Security)
Correlation values for unprotected and protected implementations are shown: ρ = 0.437 and ρ = 0.048.
Number of necessary traces to mount a successful attack increases over 76 times.
• Advanced Encryption Standard (AES) is used.
• Traces are collected from a board with an 8-bit AVR MCU.
• A correlation-based DPA attack is used.
Experimental Results (Performance)
Figure: # of clock cycles during the execution of three different implementations (1190, 2700, 4212; 64%, 100%)
Conclusions
AUTOMATIC PROTECTION
Software Implementation
Protected Implementation
Off-the-Shelf Compiler
AP
Security-Aware Compiler: security vs. performance vs. energy etc.