Paper 2023/1323

MAFIA: Protecting the Microarchitecture of Embedded Systems Against Fault Injection Attacks

Thomas Chamelot, Univ. Grenoble Alpes, CEA, List, F-38000 Grenoble, France
Damien Couroussé, Univ. Grenoble Alpes, CEA, List, F-38000 Grenoble, France
Karine Heydemann, Thales DIS France, Sorbonne Univer- sité, CNRS, LIP6, 75005 Paris, France
Abstract

Fault injection attacks represent an effective threat to embedded systems. Recently, Laurent et al. have reported that fault injection attacks can leverage faults inside the microarchitecture. However, state-of-the-art counter-measures, hardware-only or with hardware support, do not consider the integrity of microarchitecture control signals that are the target of these faults. We present MAFIA, a microarchitecture protection against fault injection attacks. MAFIA ensures integrity of pipeline control signals through a signature-based mechanism, and ensures fine-grained control-flow integrity with a complete indirect branch support and code authenticity. We analyse the security properties of two different implementations with different security/overhead trade-offs: one with a CBC-MAC/Prince signature function, and another one with a CRC32. We present our implementation of MAFIA in a RISC-V processor, supported by a dedicated compiler toolchain based on LLVM/Clang. We report a hardware area overhead of 23.8 % and 6.5 % for the CBC-MAC/Prince and CRC32 respectively. The average code size and execution time overheads are 29.4% and 18.4% respectively for the CRC32 implementation and are 50 % and 39 % for the CBC-MAC/Prince.

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Published elsewhere. Minor revision. IEEE TCAD
DOI
10.1109/TCAD.2023.3276507
Keywords
code integritycontrol-flow integritycontrol-signal integritycode authenticitycontrol logiccounter-measures
Contact author(s)
chamelot thomas @ gmail com
damien courousse @ cea fr
karine heydemann @ thalesgroup com
History
2023-09-10: revised
2023-09-05: received
See all versions
Short URL
https://ia.cr/2023/1323
License
Creative Commons Attribution-NonCommercial-ShareAlike
CC BY-NC-SA

BibTeX

@misc{cryptoeprint:2023/1323,
      author = {Thomas Chamelot and Damien Couroussé and Karine Heydemann},
      title = {{MAFIA}: Protecting the Microarchitecture of Embedded Systems Against Fault Injection Attacks},
      howpublished = {Cryptology {ePrint} Archive, Paper 2023/1323},
      year = {2023},
      doi = {10.1109/TCAD.2023.3276507},
      url = {https://eprint.iacr.org/2023/1323}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.