Paper 2020/466
Custom Instruction Support for Modular Defense against Side-channel and Fault Attacks
Pantea Kiaei, Darius Mercadier, Pierre-Evariste Dagand, Karine Heydemann, and Patrick Schaumont
Abstract
The design of software countermeasures against active and passive adversaries is a challenging problem that has been addressed by many authors in recent years. The proposed solutions adopt a theoretical foundation (such as a leakage model) but often do not offer concrete reference implementations to validate the foundation. Contributing to the experimental dimension of this body of work, we propose a customized processor called SKIVA that supports experiments with the design of countermeasures against a broad range of implementation attacks. Based on bitslice programming and recent advances in the literature, SKIVA offers a flexible and modular combination of countermeasures against power-based and timing-based side-channel leakage and fault injection. Multiple configurations of side-channel protection and fault protection enable the programmer to select the desired number of shares and the desired redundancy level for each slice. Recurring and security-sensitive operations are supported in hardware through custom instruction-set extensions. The new instructions support bitslicing, secret-share generation, redundant logic computation, and fault detection. We demonstrate and analyze multiple versions of AES from a side-channel analysis and a fault-injection perspective, in addition to providing a detailed performance evaluation of the protected designs. To our knowledge, this is the first validated end-to-end implementation of a modular bitslice-oriented countermeasure.
Note: The hardware and software design files of this paper can be found on GitHub: https://github.com/Secure-Embedded-Systems/Skiva
Metadata
- Available format(s)
- Category
- Implementation
- Publication info
- Published elsewhere. International Workshop on Constructive Side-Channel Analysis and Secure Design, COSADE 2020
- Keywords
- Side-channel LeakageFault InjectionBitslice Programming
- Contact author(s)
-
pantea95 @ vt edu
darius mercadier @ gmail com
pierre-evariste dagand @ lip6 fr
karine heydemann @ lip6 fr
pschaumont @ wpi edu - History
- 2020-04-24: revised
- 2020-04-24: received
- See all versions
- Short URL
- https://ia.cr/2020/466
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2020/466, author = {Pantea Kiaei and Darius Mercadier and Pierre-Evariste Dagand and Karine Heydemann and Patrick Schaumont}, title = {Custom Instruction Support for Modular Defense against Side-channel and Fault Attacks}, howpublished = {Cryptology {ePrint} Archive, Paper 2020/466}, year = {2020}, url = {https://eprint.iacr.org/2020/466} }