Side-channel attacks are currently among the most serious threats for embedded systems. Popular countermeasures to mitigate the impact of such attacks are masking schemes, where secret intermediate values are split into two or more values by virtue of secret sharing. Processing the secret happens on separate execution paths, which are executed on the same central processing unit (CPU). In case of unwanted correlations between different registers inside the CPU, the shared secret may leak out through a side-channel. This problem is particularly evident on low-cost embedded systems, such as nodes for the Internet of Things (IoT), where cryptographic algorithms are often implemented in pure software on a reduced instruction set computer (RISC). On such an architecture, all data manipulation operations are carried out on the contents of the CPU’s register file. This means that all intermediate values of the cryptographic algorithm at some stage pass through the register file. To avoid unwanted correlations and the resulting leakage, special care has to be taken in the mapping of the registers to intermediate values of the algorithm. In this work, we describe an empirical study that reveals effects of unintended unmasking of masked intermediate values, which leaks secret values. The observed phenomena are related to the leakage of masked hardware implementations caused by glitches in the combinatorial path of the circuit, but the effects are abstracted to the level of the instruction set architecture on a RISC CPU. Furthermore, we discuss countermeasures to have the compiler thwart such leakages.
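The following is an added illustration, not code from the paper, of how the register mapping alone can unmask a first-order Boolean-masked value. It assumes a Hamming-distance leakage model for register overwrites, 8-bit values, and two constructed register allocations; all function names are hypothetical.

```python
"""Constructed model: register-allocation leakage of a 2-share Boolean masking.

Assumption (not from the paper): overwriting a register leaks the number of
bits that flip, i.e. the Hamming distance between old and new contents.
"""

MASKS = range(256)  # exhaustive over uniform 8-bit masks, so results are exact


def hw(v: int) -> int:
    """Hamming weight of an 8-bit value."""
    return bin(v & 0xFF).count("1")


def overwrite_leak(old: int, new: int) -> int:
    """Assumed leakage of writing `new` into a register holding `old`."""
    return hw(old ^ new)


def trace_shared(x: int, m: int) -> list:
    """Both shares mapped to ONE register: r0 <- m, then r0 <- x ^ m.

    The second write flips m ^ (x ^ m) = x, so the mask cancels out.
    """
    return [overwrite_leak(0, m), overwrite_leak(m, x ^ m)]


def trace_separate(x: int, m: int) -> list:
    """Shares in distinct, pre-cleared registers: r0 <- m, r1 <- x ^ m."""
    return [overwrite_leak(0, m), overwrite_leak(0, x ^ m)]


def mean_trace(alloc, x: int) -> list:
    """Per-sample mean leakage for secret x, averaged over all masks."""
    traces = [alloc(x, m) for m in MASKS]
    return [sum(col) / len(col) for col in zip(*traces)]


def first_order_leaks(alloc) -> bool:
    """True if any sample's mean leakage depends on the secret value."""
    return len({tuple(mean_trace(alloc, x)) for x in range(256)}) > 1


if __name__ == "__main__":
    for name, alloc in (("shared", trace_shared), ("separate", trace_separate)):
        print(name, "first-order leak:", first_order_leaks(alloc),
              "mean trace for x=0xFF:", mean_trace(alloc, 0xFF))
```

In this model the separate-register allocation has no first-order dependence on the secret; it does not address higher-order analysis that combines both samples.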