Paper 2024/574

PoMMES: Prevention of Micro-architectural Leakages in Masked Embedded Software

Jannik Zeitschner, Ruhr University Bochum
Amir Moradi, TU Darmstadt
Abstract

Software solutions to address computational challenges are ubiquitous in our daily lives. One specific application area where software is often used is in embedded systems, which, like other digital electronic devices, are vulnerable to side-channel analysis attacks. Although masking is the most common countermeasure and provides a solid theoretical foundation for ensuring security, recent research has revealed a crucial gap between theoretical and real-world security. This shortcoming stems from the micro-architectural effects of the underlying micro-processor. Common security models used to formally verify masking schemes, such as the d-probing model, fully ignore the micro-architectural leakages that cause a set of instructions to unintentionally recombine the shares. Manual generation of masked assembly code that remains secure in the presence of such micro-architectural recombinations often involves trial and error, and is non-trivial even for experts. Motivated by this, we present PoMMES, which enables inexperienced software developers to automatically compile masked functions written in a high-level programming language into assembly code, while preserving the theoretically proven security in practice. Compared to the state of the art, based on a general model for micro-architectural effects, our scheme allows the generation of practically secure masked software at arbitrary security orders for in-order processors. The major contribution of PoMMES is its micro-architecture-aware register allocation algorithm, which is one of the crucial steps during the compilation process. In addition to simulation-based assessments that we conducted with open-source tools dedicated to evaluating masked software implementations, we confirm the effectiveness of the PoMMES-generated code through experimental analysis. We present the results of power-consumption-based leakage assessments of several case studies running on a Cortex-M0+ micro-controller, which is commonly deployed in industry.
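The abstract's central point, that register allocation decides whether shares get recombined by the micro-architecture, can be illustrated with a toy simulation. The following is an added example, not code from the paper or the PoMMES tool: it assumes a simplified in-order core whose only leakage is the Hamming distance between the old and new content of a register on every write (register-overwrite transition leakage), and it compares a naive allocation that routes both shares of a first-order Boolean-masked byte through one register with an allocation that keeps them in distinct registers.

```python
import random

def hw(x: int) -> int:
    """Hamming weight of an 8-bit value."""
    return bin(x & 0xFF).count("1")

def execute(schedule, shares, nregs=4):
    """Simulated core with a Hamming-distance (HD) leakage model (assumption):
    every register write leaks HW(old_value XOR new_value).
    schedule: list of (register_index, share_index) writes, in program order.
    Returns one leakage sample per write."""
    regs = [0] * nregs
    trace = []
    for reg, idx in schedule:
        new = shares[idx]
        trace.append(hw(regs[reg] ^ new))  # transition between consecutive contents
        regs[reg] = new
    return trace

def mean_trace(schedule, secret, trials=2000):
    """Average leakage per write over fresh random masks (first-order Boolean masking)."""
    rng = random.Random(1)  # fixed seed so runs are reproducible
    sums = [0] * len(schedule)
    for _ in range(trials):
        r = rng.randrange(256)
        shares = (r, secret ^ r)  # s0 = r, s1 = s XOR r
        for i, leak in enumerate(execute(schedule, shares)):
            sums[i] += leak
    return [s / trials for s in sums]

def leaks_secret(schedule, a=0x00, b=0xFF, threshold=0.5):
    """First-order check: does the mean trace differ between two fixed secrets?
    A gap well above the sampling noise means a write depends on the unmasked value."""
    ta, tb = mean_trace(schedule, a), mean_trace(schedule, b)
    return any(abs(x - y) > threshold for x, y in zip(ta, tb))

# Constructed schedules (register index, share index):
# naive: s0 then s1 through r0 -> second write leaks HW(s0 ^ s1) = HW(s)
NAIVE = [(0, 0), (0, 1)]
# aware: shares live in distinct registers, each write leaks only HW(r) or HW(s ^ r)
SAFE = [(0, 0), (1, 1)]
# reuse: distinct at first, but r0 is later recycled for s1 while it still holds s0
REUSED = [(0, 0), (1, 1), (0, 1)]

if __name__ == "__main__":
    for name, sched in (("naive", NAIVE), ("aware", SAFE), ("reused", REUSED)):
        print(name, "leaks" if leaks_secret(sched) else "no first-order leak")
```

The third schedule shows that the hazard is about live ranges, not just the first placement: an allocator that recycles a register still holding one share for the other share reintroduces the recombination.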

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Published by the IACR in TCHES 2024
Keywords
side-channel, software, masking, micro-architectural effects, tool, automated, compiler, register allocation
Contact author(s)
jannik zeitschner @ rub de
amir moradi @ tu-darmstadt de
History
2024-04-16: approved
2024-04-15: received
Short URL
https://ia.cr/2024/574
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2024/574,
      author = {Jannik Zeitschner and Amir Moradi},
      title = {{PoMMES}: Prevention of Micro-architectural Leakages in Masked Embedded Software},
      howpublished = {Cryptology {ePrint} Archive, Paper 2024/574},
      year = {2024},
      url = {https://eprint.iacr.org/2024/574}
}