Hiding Intermittent Information Leakage with Architectural Support for Blinking

As demonstrated by numerous practical attacks, the physical act of computation emits unintended and damaging information through infinitesimal variations in timing, power, and resource contention. While there are many techniques for preventing the leakage of information through power channels for specific cryptographic units, they are typically either built directly into the hardware logic or exploit intricate mathematical properties of the algorithm itself. However, such leaks are not uniform in time but, as we show, rather occur in specific bursts. Exploiting this observation we propose a set of software-controlled techniques allowing for the seamless disconnection and reconnection of general purpose programmable components in a system-on-chip. Such a system is capable of providing brief moments of electrical isolation during which the most critical computations can be performed free from both timing and power measurement. Of course, disconnection comes at a cost. To balance the resulting trade-off between overhead and security effectively, we describe a new analysis technique to uncover the "leakiest" intervals of time, we provide an algorithm to co-optimize the covering of these intervals and the performance/energy costs under a set of architecture imposed constraints, and explore the architectural and software ramifications of such intermittent disconnection. In the end we find that by hiding only between 15% and 30% of the trace, at a performance cost of between 15% and 50%, we are able to reduce the mutual information between the leakage model and key bits by 75% on average, and to nearly zero in specific cases.

[1]  Carlos V. Rozas,et al.  Innovative instructions and software model for isolated execution , 2013, HASP '13.

[2]  M. Taylor,et al.  RV-IOV : Tethering RISC-V Processors via Scalable I / O Virtualization , 2017 .

[3]  Milos Prvulovic,et al.  A Practical Methodology for Measuring the Side-Channel Signal Available to the Attacker for Instruction-Level Events , 2014, 2014 47th Annual IEEE/ACM International Symposium on Microarchitecture.

[4]  David Blaauw,et al.  Secure AES engine with a local switched-capacitor current equalizer , 2009, 2009 IEEE International Solid-State Circuits Conference - Digest of Technical Papers.

[5]  Stefan Mangard,et al.  Power analysis attacks - revealing the secrets of smart cards , 2007 .

[6]  Robert C. Aitken,et al.  Low Power Methodology Manual - for System-on-Chip Design , 2007 .

[7]  I. Verbauwhede,et al.  A dynamic and differential CMOS logic with signal independent power consumption to withstand differential power analysis on smart cards , 2002, Proceedings of the 28th European Solid-State Circuits Conference.

[8]  Keiichi Kitajo,et al.  Synchronization of spontaneous eyeblinks while viewing video stories , 2009, Proceedings of the Royal Society B: Biological Sciences.

[9]  Christophe Clavier,et al.  Differential Power Analysis in the Presence of Hardware Countermeasures , 2000, CHES.

[10]  H. Schiffman Sensation and Perception: An Integrated Approach , 1976 .

[11]  Luca Benini,et al.  Energy-aware design techniques for differential power analysis protection , 2003, Proceedings 2003. Design Automation Conference (IEEE Cat. No.03CH37451).

[12]  Christof Paar,et al.  A Hardware-Based Countermeasure to Reduce Side-Channel Leakage: Design, Implementation, and Evaluation , 2015, IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems.

[13]  Elisabeth Oswald,et al.  Multi-target DPA Attacks: Pushing DPA Beyond the Limits of a Desktop Computer , 2014, ASIACRYPT.

[14]  P. Rohatgi,et al.  A testing methodology for side channel resistance , 2011 .

[15]  Srinivas Devadas,et al.  Sanctum: Minimal Hardware Extensions for Strong Software Isolation , 2016, USENIX Security Symposium.

[16]  Travis N. Blalock,et al.  An on-chip signal suppression countermeasure to power analysis attacks , 2004, IEEE Transactions on Dependable and Secure Computing.

[17]  Isabelle Guyon,et al.  An Introduction to Variable and Feature Selection , 2003, J. Mach. Learn. Res..

[18]  Jean-Sébastien Coron,et al.  Statistics and secret leakage , 2000, TECS.

[19]  Moti Yung,et al.  A Unified Framework for the Analysis of Side-Channel Key Recovery Attacks (extended version) , 2009, IACR Cryptol. ePrint Arch..

[20]  Moein Khazraee,et al.  Specializing a Planet's Computation: ASIC Clouds , 2017, IEEE Micro.

[21]  Amir Moradi,et al.  Leakage Detection with the x2-Test , 2018, IACR Trans. Cryptogr. Hardw. Embed. Syst..

[22]  John E. Moody,et al.  Data Visualization and Feature Selection: New Algorithms for Nongaussian Data , 1999, NIPS.

[23]  Paul Dischamp,et al.  Power Analysis, What Is Now Possible , 2000, ASIACRYPT.

[24]  Siva Sai Yerubandi,et al.  Differential Power Analysis , 2002 .

[25]  Frederic T. Chong,et al.  Crafting a usable microkernel, processor, and I/O system with strict and provable information flow security , 2011, 2011 38th Annual International Symposium on Computer Architecture (ISCA).

[26]  Stefano Gregori,et al.  On-chip current flattening circuit with dynamic voltage scaling , 2006, 2006 IEEE International Symposium on Circuits and Systems.

[27]  Pankaj Rohatgi,et al.  Template Attacks , 2002, CHES.

[28]  Stefano Gregori,et al.  Protection Circuit against Differential Power Analysis Attacks for Smart Cards , 2008, IEEE Transactions on Computers.

[29]  Guru Venkataramani,et al.  CC-Hunter: Uncovering Covert Timing Channels on Shared Processor Hardware , 2014, 2014 47th Annual IEEE/ACM International Symposium on Microarchitecture.

[30]  Narayanan Vijaykrishnan,et al.  Power attack resistant cryptosystem design: a dynamic voltage and frequency switching approach , 2005, Design, Automation and Test in Europe.

[31]  Amir Moradi,et al.  Moments-Correlating DPA , 2016, IACR Cryptol. ePrint Arch..

[32]  Stefan Mangard,et al.  Hardware Countermeasures against DPA ? A Statistical Analysis of Their Effectiveness , 2004, CT-RSA.

[33]  M. Taylor,et al.  Experiences Using the RISC-V Ecosystem to Design an Accelerator-Centric SoC in TSMC 16nm , 2017 .

[34]  Thomas S. Messerges,et al.  Investigations of Power Analysis Attacks on Smartcards , 1999, Smartcard.

[35]  Makoto Kato,et al.  Blink-related momentary activation of the default mode network while viewing videos , 2012, Proceedings of the National Academy of Sciences.

[36]  Christophe Clavier,et al.  Correlation Power Analysis with a Leakage Model , 2004, CHES.

[37]  Johannes Blömer,et al.  Provably Secure Masking of AES , 2004, IACR Cryptol. ePrint Arch..

[38]  Colas Schretter,et al.  Information-Theoretic Feature Selection in Microarray Data Using Variable Complementarity , 2008, IEEE Journal of Selected Topics in Signal Processing.

[39]  Amir Moradi,et al.  Leakage Detection with the χ 2-Test , 2018 .

[40]  Stefan Mangard,et al.  Masked Dual-Rail Pre-charge Logic: DPA-Resistance Without Routing Constraints , 2005, CHES.

[41]  Christophe Clavier,et al.  Practical improvements of side-channel attacks on AES: feedback from the 2nd DPA contest , 2014, Journal of Cryptographic Engineering.

[42]  Martin Margala,et al.  An integrated countermeasure against differential power analysis for secure smart-cards , 2006, 2006 IEEE International Symposium on Circuits and Systems.

[43]  Vincent Rijmen,et al.  A Side-Channel Analysis Resistant Description of the AES S-Box , 2005, FSE.

[44]  Adi Shamir,et al.  Protecting Smart Cards from Passive Power Analysis with Detached Power Supplies , 2000, CHES.

[45]  Sylvain Guilley,et al.  NICV: Normalized inter-class variance for detection of side-channel leakage , 2014, 2014 International Symposium on Electromagnetic Compatibility, Tokyo.

[46]  Gavin Brown,et al.  Conditional Likelihood Maximisation: A Unifying Framework for Information Theoretic Feature Selection , 2012, J. Mach. Learn. Res..

[47]  Ingrid Verbauwhede,et al.  Revisiting Higher-Order DPA Attacks: , 2010, CT-RSA.

[48]  Ingrid Verbauwhede,et al.  A logic level design methodology for a secure DPA resistant ASIC or FPGA implementation , 2004, Proceedings Design, Automation and Test in Europe Conference and Exhibition.

[49]  T. Alves,et al.  TrustZone : Integrated Hardware and Software Security , 2004 .

[50]  Pankaj Rohatgi,et al.  Towards Sound Approaches to Counteract Power-Analysis Attacks , 1999, CRYPTO.

[51]  A. Hall THE ORIGIN AND PURPOSES OF BLINKING*† , 1945, The British journal of ophthalmology.

[52]  Simha Sethumadhavan,et al.  Side-channel vulnerability factor: A metric for measuring information leakage , 2012, 2012 39th Annual International Symposium on Computer Architecture (ISCA).

[53]  Simon Heron,et al.  Encryption: Advanced Encryption Standard (AES) , 2009 .

[54]  D. Freedman,et al.  Finite Exchangeable Sequences , 1980 .

[55]  ZhangLu,et al.  Extreme Datacenter Specialization for Planet-Scale Computing , 2018 .

[56]  Pankaj Rohatgi,et al.  Introduction to differential power analysis , 2011, Journal of Cryptographic Engineering.