Fig 9 - uploaded by Alexander Fell
Content may be subject to copyright.
Comparing channel capacity of the proposed solution and the existing solutions running on Linux OS environment.

Comparing channel capacity of the proposed solution and the existing solutions running on Linux OS environment.

Source publication
Conference Paper
Full-text available
Timing side-channel attacks pose a major threat to embedded systems due to their ease of accessibility. We propose CIDPro, a framework that relies on dynamic program diversification to mitigate timing side-channel leakage. The proposed framework integrates the widely used LLVM compiler infrastructure and the increasingly popular RISC-V FPGA soft-pr...

Contexts in source publication

Context 1
... execution time of the normal functions remains unaffected. Figure 9 reports the results of the binaries executed in a Linux OS environment on the Rocket chip. The Linux OS is very constrained with minimum effects on the programs and all executable files are compiled and linked statically. ...
Context 2
... means that the noise incurred by the Linux OS affects the information leakage only marginally. As it can be observed in Figure 9, the existing solutions (Ca and Cc) are not able to achieve notable reductions in channel capacity. The results show that Pr effectively mitigates the timing side-channel with channel capacity below 0.2 and 0.12 for the modExp and mulMod16 benchmarks, respectively. ...


... The idea of lightweight memory protection through encryption and authentication was explored in [33]. Independent studies have been undertaken for obfuscating the memory access pattern through ORAM [44] and for blocking timing attack channels in RISC-V [45]. Runtime security monitoring for the I/O systems and for secure enclaves have been studied in [46], and in [47], respectively. ...
Full-text available
Over the course of recent years, microarchitectural side-channel attacks emerged as one of the most novel and thought-provoking attacks to exfiltrate information from computing hardware. These attacks leverage the unintended artefacts produced as side-effects to certain architectural design choices and proved difficult to be effectively mitigated without incurring significant performance penalties. In this work, we undertake a systematic mapping study of the academic literature related to the aforementioned attacks. We, in particular, pose four research questions and study 104 primary works to answer those questions. We inquire about the origins of artefacts leading up to exploitable settings of microarchitectural side-channel attacks; the effectiveness of the proposed countermeasures; and the lessons to be learned that would help build secure systems for the future. Furthermore, we propose a classification scheme that would also serve in the future for systematic mapping efforts in this scope.
Conference Paper
Program obfuscation is widely used to protect commercial software against reverse-engineering. However, an adversary can still download, disassemble and analyze binaries of the obfuscated code executed on an embedded System-on-Chip (SoC), and by correlating execution times to input values, extract secret information from the program. In this paper, we show (1) the impact of widely-used obfuscation methods on timing leakage, and (2) that well-known software countermeasures to reduce timing leakage of programs, are not always effective for low-noise environments found in embedded systems. We propose two methods for mitigating timing leakage in obfuscated codes. The first is a compiler driven method, called TAD, which removes conditional branches with distinguishable execution times for an input program. In the second method (TADCI), TAD is combined with dynamic hardware diversity by replacing primitive instructions with Custom Instructions (CIs) that exhibit non-deterministic execution times at runtime. Experimental results on the RISC-V platform show that the information leakage is reduced by 92% and 82% when TADCI is applied to the original and obfuscated source code, respectively.