110 likes | 206 Views
A First Step Towards Automatic Application of Power Analysis Countermeasures. Ali Galip Bayrak EPFL, Switzerland June 7 th , 2011. and Francesco Regazzoni (UCL and Alari) Philip Brisk (UC Riverside, USA) François-Xavier Standaert (UCL, Belgium) Paolo Ienne (EPFL, Switzerland).
E N D
A First Step Towards Automatic Application of Power Analysis Countermeasures Ali Galip Bayrak EPFL, Switzerland June 7th,2011 and Francesco Regazzoni (UCL and Alari) Philip Brisk (UC Riverside, USA) François-Xavier Standaert (UCL, Belgium) Paolo Ienne (EPFL, Switzerland)
Side-Channel Attacks Cryptographic Algorithm Ciphertext (e.g., “aB14t752s”) Plaintext (e.g., “Encrypt me”) Secret Key (e.g., “I’m unknown”) Leakage (power consumption, EM radiation, timing etc.) 2
Motivation PROBLEM: They are handled manually!!! VS ATTACK! COUNTERMEASURE! Software Implementation Protected Implementation • Analyze the algorithm • Determine the weaknesses • Apply the countermeasure 4
Step I: Information Leakage Analysis Normalized Mutual Information of Key and Leakage Main point: Determine the leaking parts of the software!
Step II: Transformation Target Identification Local Modifications: Protect each sensitive instruction (peephole optimization). Random Precharging (used here) Global Modifications: Protect all the nodes between two sensitive nodes. Masking sbci r28,0xfd ld r25,r28:r29 movw r18,r26 subi r18,0x4f sbci r19,0xfd movw r28,r18 ld r30,r28:r29 Main point:Determine the portions of the implementation that need to be protected!
Step III: Code Transformation sbci r28,0xfd lds r25,rnd mov r24,r25 ld r25,r28:r29 … movw r18,r26 subi r18,0x4f sbci r28,0xfd ld r25,r28:r29 movw r18,r26 subi r18,0x4f sbci r19,0xfd movw r28,r18 ld r30,r28:r29 … Main point:Apply the given protection on the determined portions of the implementation!
Experimental Results (Security) • Advanced Encryption Standard (AES) is used. • Traces are collected from board with 8-bit AVR MCU. • Correlation-based DPA attack is used for attack. ρ = 0.437 ρ = 0.048 Correlation values for unprotected and protected implementations are shown. Number of necessary traces to mount a successful attack increases over 76 times. 9
Experimental Results (Performance) # of clock cycles during the execution of three different implementations 4212 100% 2700 64% 1190 10
Conclusions AUTOMATIC PROTECTION Software Implementation Protected Implementation Off-the-Shelf Compiler AP Security-Aware Compiler security vs. performance vs. energy etc. 11