Abstract
Recently, several software encoding countermeasures were proposed, utilizing the side-channel hiding concept for software implementations. While these schemes aim to protect the underlying code against various leakage models, they can also be utilized against fault injection attacks to some extent. This property comes from the data redundancy that is employed to equalize the leakage. In this work, we analyze three different software encoding schemes with respect to fault injection attacks. We use a custom-made code analyzer to check for vulnerabilities in the assembly code, and we experimentally support our results using a laser fault injection technique. Our results show that implementations based on table lookup operations provide a reasonable security margin and thwart fault propagation.
References
Biham, E., Shamir, A.: Differential fault analysis of secret key cryptosystems. In: CRYPTO ’97, LNCS, vol. 1294, pp. 513–525 (1997)
Breier, J.: On analyzing program behavior under fault injection attacks. In: 2016 11th International Conference on Availability, Reliability and Security (ARES), pp. 474–479 (2016). doi:10.1109/ARES.2016.4
Breier, J., Jap, D., Bhasin, S.: The other side of the coin: analyzing software encoding schemes against fault injection attacks. In: 2016 IEEE International Symposium on Hardware Oriented Security and Trust (HOST), pp. 209–216. IEEE (2016)
Chen, C., Eisenbarth, T., Shahverdi, A., Ye, X.: Balanced encoding to mitigate power analysis: a case study. In: CARDIS, Lecture Notes in Computer Science. Springer, Paris, France (2014)
Dureuil, L., Potet, M.L., de Choudens, P., Dumas, C., Clédière, J.: From Code Review to Fault Injection Attacks: Filling the Gap Using Fault Model Inference, pp. 107–124. Springer International Publishing, Cham (2016)
Hoogvorst, P., Danger, J.L., Duc, G.: Software implementation of dual-rail representation. In: COSADE (2011). Darmstadt, Germany
Kocher, P.C., Jaffe, J., Jun, B.: Differential power analysis. In: Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology. CRYPTO ’99, pp. 388–397. Springer, London, UK (1999)
Maghrebi, H., Servant, V., Bringer, J.: There is wisdom in harnessing the strengths of your enemy: customized encoding to thwart side-channel attacks—extended version. Cryptology ePrint Archive, Report 2016/183 (2016)
Rauzy, P., Guilley, S., Najm, Z.: Formally Proved Security of Assembly Code Against Leakage. IACR Cryptology ePrint Archive 2013, 554 (2013)
Rivière, L., Najm, Z., Rauzy, P., Danger, J.L., Bringer, J., Sauvage, L.: High precision fault injections on the instruction cache of ARMv7-M architectures. In: Hardware Oriented Security and Trust (HOST), 2015 IEEE International Symposium on, pp. 62–67 (2015). doi:10.1109/HST.2015.7140238
Schindler, W., Lemke, K., Paar, C.: A stochastic model for differential side channel cryptanalysis. In: International Workshop on Cryptographic Hardware and Embedded Systems, pp. 30–46. Springer, Berlin (2005)
Yuce, B., Ghalaty, N.F., Schaumont, P.: Improving fault attacks on embedded software using RISC pipeline characterization. In: 2015 Workshop on Fault Diagnosis and Tolerance in Cryptography (FDTC), pp. 97–108 (2015). doi:10.1109/FDTC.2015.16
Appendices
Appendix A: Assembly code for Static-DPL XOR implementation
The table in this section contains the assembly code used for the code analysis. Note that there are several differences from the original paper. We precharge all the registers before the code execution; therefore, there is no need to use precharge instructions. The other change is in instructions 7 and 8, where we first load the operation code (which can take the values 01010101 for and, 10101010 for or, and 01100110 for xor) and then execute the ldd instruction using the destination register, operation code and value. The lookup tables are given in Tables 1 and 2.
Appendix B: Assembly code for Static-Encoding XOR implementation
The code in Table 3 follows the originally proposed algorithm for Static-Encoding XOR. This implementation uses several constants, either for clearing and precharging the registers before loading the data (e.g., ldi r16 11110000), or for converting the data to the proper encoding format (e.g., ldi r17 01011010).
Appendix C: Assembly code for device-specific encoding XOR implementation
In this section, we describe the code used for Device-Specific Encoding XOR. After determining the bit leakage weights and computing the encoding based on Algorithm 1, several lookup tables are constructed.
According to the original paper [8], it is reasonable to split an n-bit variable into two different halves in order to avoid holding large lookup tables in memory. Therefore, we use two registers for processing each value.
Table 4 presents the pseudocode for the encoding. First, the upper nibbles of inputs a and b (\(a_h\) and \(b_h\)) are retrieved in the encoding format (\(f(a_h)\) and \(f(b_h)\)) using the luthb table. The lookup table lutop is then used to perform the xor operation (\(LUT(f(a_h) \ll 4 \,\|\, f(b_h)) = f(a_h \oplus b_h)\)). A similar procedure is applied to the lower nibbles, using the lutlb table.
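The lookup-based XOR described in Appendix C, and the abstract's point that table lookups stop fault propagation, shown as an added example (not the paper's code). It assumes a constructed constant-Hamming-weight encoding in place of the device-specific one from Algorithm 1, 8-bit codewords (so the index is `f(a) << 8 | f(b)` rather than the `<< 4` form above), and a hypothetical `INVALID` value in every unpopulated table entry; all names are illustrative.

```c
#include <stdint.h>
#include <string.h>

#define INVALID 0x00u            /* assumed marker: weight 0, never a codeword */

static uint8_t enc[16];          /* f: nibble -> 8-bit codeword (constructed) */
static uint8_t lutop[1u << 16];  /* indexed by f(a) << 8 | f(b) */

static int weight(unsigned v) { int w = 0; for (; v; v &= v - 1) w++; return w; }

/* Assumed encoding: the 16 smallest bytes of Hamming weight 4. */
static void build_tables(void) {
    int n = 0;
    for (unsigned v = 0; v < 256 && n < 16; v++)
        if (weight(v) == 4) enc[n++] = (uint8_t)v;
    memset(lutop, INVALID, sizeof lutop);
    for (unsigned a = 0; a < 16; a++)
        for (unsigned b = 0; b < 16; b++)
            lutop[((unsigned)enc[a] << 8) | enc[b]] = enc[a ^ b];
}

/* XOR in the encoded domain: one lookup, operands are never decoded. */
static uint8_t enc_xor(uint8_t fa, uint8_t fb) {
    return lutop[((unsigned)fa << 8) | fb];
}

/* Fault-free lookups that do not return f(a ^ b); 0 means the table is correct. */
static int wrong_results(void) {
    int wrong = 0;
    for (unsigned a = 0; a < 16; a++)
        for (unsigned b = 0; b < 16; b++)
            wrong += enc_xor(enc[a], enc[b]) != enc[a ^ b];
    return wrong;
}

/* Single-bit flips of the first operand that still yield a non-INVALID output. */
static int undetected_single_bit_faults(void) {
    int undetected = 0;
    for (unsigned a = 0; a < 16; a++)
        for (unsigned b = 0; b < 16; b++)
            for (unsigned bit = 0; bit < 8; bit++)
                undetected += enc_xor(enc[a] ^ (uint8_t)(1u << bit), enc[b]) != INVALID;
    return undetected;
}

int main(void) {
    build_tables();
    return (wrong_results() || undetected_single_bit_faults()) ? 1 : 0;
}
```

A single-bit flip changes the operand's Hamming weight, so it always lands on an unpopulated entry; a two-bit flip that preserves the weight can reach another codeword (here 0x0F to 0x17) and then returns a valid but wrong result.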
Cite this article
Breier, J., Jap, D. & Bhasin, S. A study on analyzing side-channel resistant encoding schemes with respect to fault attacks. J Cryptogr Eng 7, 311–320 (2017). https://doi.org/10.1007/s13389-017-0166-5
DOI: https://doi.org/10.1007/s13389-017-0166-5