Reverse Engineering the Micro-Architectural Leakage Features of a Commercial Processor

Micro-architectural leakage is a reality even on lowto midrange commercial processors. Dealing with it is expensive, because micro-architectural leakage is often only discovered after implementation choices have been made (i.e. when evaluating the concrete implementation). We demonstrate that it is feasible, using a recent leakage modelling technique, to reverse engineer significant elements of the micro-architectural leakage of a mid-range commercial processor in a “grey-box” setting. Our approach first recovers the micro-architectural features of each stage in the pipeline, and the leakage of elements that are known to produce glitches. To put our reverse engineered micro-architectural leakage in context, we compare and contrast a leakage analysis of a relevant piece of masking code. More specifically, we compare the leakage that we would anticipate given our analysis, and predictions of the to-date most sophisticated leakage simulators (e.g. ELMO and MAPS) on the same piece of code. Our research demonstrates that reverse engineering of micro-architectural components (and their leakage) is clearly feasible using available sidechannel leakage, and following, it should be possible to build more accurate leakage simulators.

[1]  Amir Moradi,et al.  Hardware Masking, Revisited , 2018, IACR Trans. Cryptogr. Hardw. Embed. Syst..

[2]  Christophe Clavier,et al.  Side Channel Analysis for Reverse Engineering (SCARE) - An Improved Attack Against a Secret A3/A8 GSM Algorithm , 2004, IACR Cryptol. ePrint Arch..

[3]  Yuval Ishai,et al.  Private Circuits: Securing Hardware against Probing Attacks , 2003, CRYPTO.

[4]  Johann Großschädl,et al.  Micro-Architectural Power Simulator for Leakage Assessment of Cryptographic Software on ARM Cortex-M3 Processors , 2018, IACR Cryptol. ePrint Arch..

[5]  Jean-Louis Lanet,et al.  Side channel analysis techniques towards a methodology for reverse engineering of Java Card byte-code , 2015, 2015 11th International Conference on Information Assurance and Security (IAS).

[6]  Patrick Schaumont,et al.  SoK: Design Tools for Side-Channel-Aware Implementations , 2021, IACR Cryptol. ePrint Arch..

[7]  Michael Tunstall,et al.  On the Effect of the (Micro)Architecture on the Development of Side-Channel Resistant Software , 2020, IACR Cryptol. ePrint Arch..

[8]  Benjamin Grégoire,et al.  Masking in Fine-Grained Leakage Models: Construction, Implementation and Verification , 2021, IACR Cryptol. ePrint Arch..

[9]  Christof Paar,et al.  When Reverse-Engineering Meets Side-Channel Analysis - Digital Lockpicking in Practice , 2013, Selected Areas in Cryptography.

[10]  Kyoji Shibutani,et al.  Midori: A Block Cipher for Low Energy , 2015, ASIACRYPT.

[11]  Siva Sai Yerubandi,et al.  Differential Power Analysis , 2002 .

[12]  Werner Schindler Sorin A. Huss,et al.  Constructive Side-Channel Analysis and Secure Design , 2012, Lecture Notes in Computer Science.

[13]  Swarup Bhunia,et al.  SCARE: Side-Channel Analysis Based Reverse Engineering for Post-Silicon Validation , 2012, 2012 25th International Conference on VLSI Design.

[14]  Lejla Batina,et al.  Rosita: Towards Automatic Elimination of Power-Analysis Leakage in Ciphers , 2019, IACR Cryptol. ePrint Arch..

[15]  Dan Page,et al.  MIRACLE: MIcRo-ArChitectural Leakage Evaluation , 2021, IACR Cryptol. ePrint Arch..

[16]  Kostas Papagiannopoulos,et al.  Mind the Gap: Towards Secure 1st-Order Masking in Software , 2017, COSADE.

[17]  Stefan Mangard,et al.  Coco: Co-Design and Co-Verification of Masked Software Implementations on CPUs , 2020, IACR Cryptol. ePrint Arch..

[18]  Elisabeth Oswald,et al.  Towards Practical Tools for Side Channel Aware Software Engineering: 'Grey Box' Modelling for Instruction Leakages , 2017, USENIX Security Symposium.

[19]  Elisabeth Oswald,et al.  A Novel Completeness Test and its Application to Side Channel Attacks and Simulators , 2021, IACR Cryptol. ePrint Arch..