Improving the Design of secure systems by a Reduction Of Micro-architectural Effects on side-channeL attacks – IDROMEL
IDROMEL
Improving the Design of secure systems by a Reduction Of Micro-architectural Effects on side-channeL attacks
Context and objectives
The increasing adoption of cyber-physical and connected objects promises to address a large variety of societal challenges, from simplifying human communications (with legal authorities, public and private communications) to supporting next generation industry (so called Industry 4.0), smart cities and transportations. Since these computing objects become more and more integrated into our daily lives, their physical access is also becoming easier for malicious users.<br />In addition to usual networked systems’ threats, computations are vulnerable to a large range of physical attacks, which exploit some characteristics of the target system including both software and hardware. Among these, side-channel attacks (SCA)<br />can infer secret information from physical observations measured during the execution of sensitive computations. SCA typically exploit physical quantities such as electromagnetic signature and power consumption, behaviour of cache memories, and effects due to speculative execution. SCA have gained momentum with the increased use of cryptography because they represent, with fault injection attacks, the most effective way to break implementations of cryptography. SCA based on power and electromagnetic observations are particularly harmful because they have been successfully applied to many different<br />kinds of secured computations.<br /><br />To ease the heavy and costly hardening process, several automated techniques have been proposed to either analyse or protect software or hardware implementations. These techniques rely on an abstraction model of the target architecture and the potential source of leakage (e.g. source code or assembly level) that is simple enough to keep them tractable. However, the lack of precision of such models and the need to better model the target implementation has been recently highlighted: hardened systems are vulnerable to side-channel attacks due to leakage at the micro-architecture layer.<br />As an example, memory accesses, internal pipeline buffers, registers’ rewriting and the difference of propagation delays through the combinatorial logic (i.e. glitches) are now known to produce observable side-effects.<br /><br />The IDROMEL is a collaborative project between Arm, CEA, IRISA, LAAS and SU which aims to contribute to the design of secure systems against side-channel attacks based on power and electromagnetic observations, for a wide range of computing systems, from cost-effective ones implemented in IoT devices to more complex architectures commonly integrated into mobile phones. IDROMEL will investigates the impact of the processor micro-architecture on power and electromagnetic side-channel attacks as a key concern for the design of secure systems. The<br />objective of the project is to provide security assessments and automated security tools that take into account the target micro-architecture, as well as to design new processors that integrate hardware countermeasures.
In order to achieve this objective, IDROMEL follows a bottom-up approach starting with the development of characterization methods and models taking into account micro-architectural details, the design of leakage-tracking and mitigation tools to support the hardening of both software
and hardware implementations. In particular, the project proposes:
• Leakage sources characterization: a methodology to evaluate leakage sources from detailed description of the micro-architecture (grey-box approach) or from public information (black-box approach), with reproducible characterization based on public test vectors that trigger micro-architectural properties (production of publicly available benchmarks);
• Security assessment methods: formal code verification, leakage simulators and vulnerability analysis;
• Automated security tools: a compiler for the application of software countermeasures;
• Hardware hardening techniques: configurable design technique for the application of hardware countermeasures.
As of now, a common collaboration platform has been setup to federe the researchers of the consortium for the characterization of the side-channel leakage.
The next step is to integrate the preliminary work on leakage source characterization into compiler for dedicated software counter-measures; and design tools for hardware protections, as well as automatic verification tools.
A publication called ARMISTICE for the partnership of SU and Arm has been published which provides an integration of the leakage source characterization of a micro-controller Cortex-M3 to a symbolic execution engine to detect order-1 leakage.
The increasing ubiquity of computing devices in our daily lives makes them a priority target for malicious users. Recently, side-channel attacks (SCA) based on power/electromagnetic field observation have gained momentum by their practicability, powerfulness and hard detection. Initially set aside due to their modelling complexity, the side-effects of the processor’s micro-architecture are now a first-class concern for secure design since they induce a reduction of the expected level of security. IDROMEL aims at contributing in designing secure systems against such SCA. The project will follow a bottom-up approach starting by designing characterization methods and models taking into account micro-architectural details. IDROMEL will then develop several components of secure design flow: formal code verification and leakage simulators for security assessment, hardening compiler for automated software protection and cost-effective hardware architectures to support their efficiency.
Project coordination
Vincent Migliore (Laboratoire d'analyse et d'architecture des systèmes du CNRS)
The author of this summary is the project coordinator, who is responsible for the content of this summary. The ANR declines any responsibility as for its contents.
Partnership
LAAS-CNRS Laboratoire d'analyse et d'architecture des systèmes du CNRS
LIST Laboratoire d'Intégration des Systèmes et des Technologies
LIP6 Laboratoire d'informatique de Paris 6
IRISA Institut de Recherche en Informatique et Systèmes Aléatoires
Arm FRANCE SAS ARM FRANCE SAS
Help of the ANR 781,828 euros
Beginning and duration of the scientific project:
- 48 Months
