A multiple equivalent execution trace approach to secure cryptographic embedded software

Author

Agosta, Giovanni ; Barenghi, Alessandro ; Pelosi, Gianni ; Scandale, Michele

Author_Institution

Dipt. di Elettron., Inf. e Bioingegneria, Politec. di Milano, Milan, Italy

fYear

2014

fDate

1-5 June 2014

Firstpage

1

Lastpage

6

Abstract

We propose an efficient and effective method to secure software implementations of cryptographic primitives on low-end embedded systems, against passive side-channel attacks relying on the observation of power consumption or electro-magnetic emissions. The proposed approach exploits a modified LLVM compiler toolchain to automatically generate a secure binary characterized by a randomized execution flow. Also, we provide a new method to refresh the random values employed in the share splitting approaches to lookup table protection, addressing a currently open issue. We improve the current state-of-the-art in dynamic executable code countermeasures removing the requirement of a writeable code segment, and reducing the countermeasure overhead.

Keywords

cryptography; embedded systems; program compilers; table lookup; LLVM compiler toolchain; countermeasure overhead reduction; cryptographic embedded software security; cryptographic primitives; dynamic executable code countermeasures; electromagnetic emissions; lookup table protection; low-end embedded systems; multiple equivalent execution trace approach; passive side-channel attacks; power consumption observation; random values; randomized execution flow; share splitting approach; writeable code segment; Ciphers; Optimization; Power demand; Registers; Software; Power Analysis Attacks; Software Countermeasures; Static Analysis;

fLanguage

English

Publisher

ieee

Conference_Titel

Design Automation Conference (DAC), 2014 51st ACM/EDAC/IEEE

Conference_Location

San Francisco, CA

Type

conf

Filename

6881537