Abstract
Embedded systems are widely deployed in life-critical systems, but system constraints often limit the depth of security used in these devices, potentially leaving them open to numerous threats. Side channel attacks (SCAs) are a popular way to extract sensitive information from embedded systems using only side channel leakage. Existing research has focused on obfuscating the sensitive data and operations, under the assumption that attackers can readily and automatically identify the location of the sensitive operations in each trace, which is needed to align traces for a successful SCA. However, this is not always true, as the target sensitive data may be randomly located within the side channel leakage trace, which necessitates automatic preprocessing to identify those locations. Limited research has focused on evaluating the identification of these locations and the difficulty for an attacker of identifying the location of sensitive information within side channel leakage traces. This paper presents a methodology for evaluating power obfuscation approaches that seek to obfuscate the location of sensitive operations within the power trace, thereby significantly increasing the complexity of automated trace alignment. It presents a new adversary model and proposes a new metric, mean trials to success (MTTS), to evaluate different power obfuscation methods in the context of automated trace alignment. We evaluate two common obfuscation methods, namely instruction shuffling and random instruction insertion, and we present a new obfuscation method that uses power shaping to intentionally mislead the attacker.
Funding
This research was supported by the Army Research Office under Grant W911NF-16-1-0130.
Author information
Contributions
Bozhi (20), Kemeng (15), Minjun (15), Janet (20), Roman (20).
About this article
Cite this article
Liu, B., Chen, K., Seo, M. et al. Methods and Analysis of Automated Trace Alignment Under Power Obfuscation in Side Channel Attacks. J Hardw Syst Secur 5, 127–142 (2021). https://doi.org/10.1007/s41635-021-00117-1
DOI: https://doi.org/10.1007/s41635-021-00117-1