Cryptology ePrint Archive: Report 2020/466

Custom Instruction Support for Modular Defense against Side-channel and Fault Attacks

Pantea Kiaei and Darius Mercadier and Pierre-Evariste Dagand and Karine Heydemann and Patrick Schaumont

Abstract: The design of software countermeasures against active and passive adversaries is a challenging problem that has been addressed by many authors in recent years. The proposed solutions adopt a theoretical foundation (such as a leakage model) but often do not offer concrete reference implementations to validate the foundation. Contributing to the experimental dimension of this body of work, we propose a customized processor called SKIVA that supports experiments with the design of countermeasures against a broad range of implementation attacks. Based on bitslice programming and recent advances in the literature, SKIVA offers a flexible and modular combination of countermeasures against power-based and timing-based side-channel leakage and fault injection. Multiple configurations of side-channel protection and fault protection enable the programmer to select the desired number of shares and the desired redundancy level for each slice. Recurring and security-sensitive operations are supported in hardware through custom instruction-set extensions. The new instructions support bitslicing, secret-share generation, redundant logic computation, and fault detection. We demonstrate and analyze multiple versions of AES from a side-channel analysis and a fault-injection perspective, in addition to providing a detailed performance evaluation of the protected designs. To our knowledge, this is the first validated end-to-end implementation of a modular bitslice-oriented countermeasure.

Category / Keywords: implementation / Side-channel Leakage, Fault Injection, Bitslice Programming

Original Publication (in the same form): International Workshop on Constructive Side-Channel Analysis and Secure Design, COSADE 2020

Date: received 21 Apr 2020, last revised 24 Apr 2020

Contact author: pantea95 at vt edu,darius mercadier@gmail com,pierre-evariste dagand@lip6 fr,karine heydemann@lip6 fr,pschaumont@wpi edu

Available format(s): PDF | BibTeX Citation

Note: The hardware and software design files of this paper can be found on GitHub: https://github.com/Secure-Embedded-Systems/Skiva

Version: 20200424:135854 (All versions of this report)

Short URL: ia.cr/2020/466


[ Cryptology ePrint archive ]