Runtime Code Polymorphism as a Protection Against Side Channel Attacks

Abstract : We present a generic framework for runtime code polymorphism, applicable to a broad range of computing platforms including embedded systems with low computing resources (e.g. microcontrollers with few kilo-bytes of memory). Code polymorphism is defined as the ability to change the observable behaviour of a software component without changing its functional properties. In this paper we present the implementation of code polymorphism with runtime code generation, which offers many code transformation possibilities: we describe the use of random register allocation, random instruction selection, instruction shuffling and insertion of noise instructions. We evaluate the effectiveness of our framework against correlation power analysis: as compared to an unprotected implementation of AES where the secret key could be recovered in less than 50 traces in average, in our protected implementation, we increased the number of traces necessary to achieve the same attack by more than 20000×. With regards to the state of the art, our implementation shows a moderate impact in terms of performance overhead.
Type de document :
Communication dans un congrès
10th IFIP WG 11.2 International Conference, WISTP 2016, Sep 2016, Heraklion, Greece. Lecture Notes in Computer Science, 10th IFIP WG 11.2 International Conference, WISTP 2016, Heraklion, Crete, Greece, September 26–27, 2016, Proceedings, Volume 9895, pp 136-152, 2016, Information Security Theory and Practice. 〈10.1007/978-3-319-45931-8_9〉
Liste complète des métadonnées

Littérature citée [18 références]  Voir  Masquer  Télécharger

https://hal-emse.ccsd.cnrs.fr/emse-01372223
Contributeur : Florent Breuil <>
Soumis le : vendredi 4 novembre 2016 - 11:51:37
Dernière modification le : mercredi 2 août 2017 - 10:09:57
Document(s) archivé(s) le : dimanche 5 février 2017 - 13:50:31

Fichier

WISTP-2016-preprint.pdf
Fichiers produits par l'(les) auteur(s)

Identifiants

Citation

Damien Couroussé, Thierno Barry, Bruno Robisson, Philippe Jaillon, Olivier Potin, et al.. Runtime Code Polymorphism as a Protection Against Side Channel Attacks. 10th IFIP WG 11.2 International Conference, WISTP 2016, Sep 2016, Heraklion, Greece. Lecture Notes in Computer Science, 10th IFIP WG 11.2 International Conference, WISTP 2016, Heraklion, Crete, Greece, September 26–27, 2016, Proceedings, Volume 9895, pp 136-152, 2016, Information Security Theory and Practice. 〈10.1007/978-3-319-45931-8_9〉. 〈emse-01372223〉

Partager

Métriques

Consultations de
la notice

330

Téléchargements du document

288