Fig 1 - uploaded by Alexander Fell
Content may be subject to copyright.
Timing histogram of (a) a baseline program, (b) after transformation using cross-copying, (c) using conditional assignment and (d) using left-to-right sliding window. In each plot, the X-axis and Y-axis show the execution time in clock cycles and number of instances with that execution time, respectively.
Source publication
Timing side-channel attacks pose a major threat to embedded systems due to their ease of accessibility. We propose CIDPro, a framework that relies on dynamic program diversification to mitigate timing side-channel leakage. The proposed framework integrates the widely used LLVM compiler infrastructure and the increasingly popular RISC-V FPGA soft-pr...
Contexts in source publication
Context 1
... limitations of the existing approaches are highlighted in Figures 1(b)-(d), which show the timing histograms of the RSA algorithm (that includes the modExp function) when it is executed with two different keys in the absence of an OS, i.e. in a bare metal environment that is common in embedded systems [8]. The timing characteristics corresponding to the two different keys are clearly distinguishable with the ex- isting approaches and hence, they do not provide effective countermeasures against timing side-channel attacks. ...
Context 2
... is evident that the timing leakage reduces significantly for PrBL and PrLR with increasing diversification levels. In particular, PrLR exhibits a higher reduction in channel capacity compared to PrBL similar to the capacity comparison between LR and BL (refer to Figure 1). Figure 6(b) shows that the execution times of Ca and Cc are notably higher compared to the baseline program, while LR has the lowest execution time among all the techniques. ...
Citations
... The idea of lightweight memory protection through encryption and authentication was explored in [33]. Independent studies have been undertaken for obfuscating the memory access pattern through ORAM [44] and for blocking timing attack channels in RISC-V [45]. Runtime security monitoring for the I/O systems and for secure enclaves have been studied in [46], and in [47], respectively. ...
Over the course of recent years, microarchitectural side-channel attacks emerged as one of the most novel and thought-provoking attacks to exfiltrate information from computing hardware. These attacks leverage the unintended artefacts produced as side-effects to certain architectural design choices and proved difficult to be effectively mitigated without incurring significant performance penalties. In this work, we undertake a systematic mapping study of the academic literature related to the aforementioned attacks. We, in particular, pose four research questions and study 104 primary works to answer those questions. We inquire about the origins of artefacts leading up to exploitable settings of microarchitectural side-channel attacks; the effectiveness of the proposed countermeasures; and the lessons to be learned that would help build secure systems for the future. Furthermore, we propose a classification scheme that would also serve in the future for systematic mapping efforts in this scope.
Program obfuscation is widely used to protect commercial software against reverse-engineering. However, an adversary can still download, disassemble and analyze binaries of the obfuscated code executed on an embedded System-on-Chip (SoC), and by correlating execution times to input values, extract secret information from the program. In this paper, we show (1) the impact of widely-used obfuscation methods on timing leakage, and (2) that well-known software countermeasures to reduce timing leakage of programs, are not always effective for low-noise environments found in embedded systems. We propose two methods for mitigating timing leakage in obfuscated codes. The first is a compiler driven method, called TAD, which removes conditional branches with distinguishable execution times for an input program. In the second method (TADCI), TAD is combined with dynamic hardware diversity by replacing primitive instructions with Custom Instructions (CIs) that exhibit non-deterministic execution times at runtime. Experimental results on the RISC-V platform show that the information leakage is reduced by 92% and 82% when TADCI is applied to the original and obfuscated source code, respectively.
