COGITO: Code polymorphism to secure devices

In this paper, we advocate the use of code polymorphism as an efficient means to improve security at several levels in electronic devices. We analyse the threats that polymorphism could help thwart, and present the solution that we plan to demonstrate in the scope of a collaborative research project called COGITO. We expect our solution to be effective at improving security, to comply with the computing and memory constraints of embedded devices, and to be easily generalisable to a large set of embedded computing platforms.
