Runtime Code Polymorphism as a Protection against Physical Attacks
Abstract
We present a generic framework for runtime code polymorphism,
applicable to a large class of computing platforms up to embedded
systems with low computing resources (e.g. microcontrollers with
few kilo-bytes of memory). Code polymorphism is dened as the ability
to change the observable behaviour of a software component without
changing its functional properties. In our framework, code polymorphism
is achieved thanks to runtime code generation, which oers many levers
for code transformations: we describe the use of random register allocation,
random instruction selection, instruction shuing and insertion of
noise instructions.We evaluate the eectiveness of our framework against
dierential power analysis and its overhead impact. As compared to a
reference implementation of AES where the cipher key could be recovered
by DPA in less than 50 traces in average, in our implementation the
key cipher could not be extracted after 10000 traces. Our experimental
evaluation shows a moderate impact in terms of performance overhead.
Origin | Files produced by the author(s) |
---|
Loading...