
QMS: Evaluating the Side-Channel Resistance of Masked Software from Source Code

Published: 01 June 2014

Abstract

Many commercial systems in the embedded space have shown weakness against power-analysis-based side-channel attacks in recent years. Designing countermeasures to defend against such attacks is both labor intensive and error prone. Furthermore, there is a lack of formal methods for quantifying the actual strength of a countermeasure implementation. Security design errors may therefore go undetected until the side-channel leakage is physically measured and evaluated. We show a better solution based on static analysis of C source code. We introduce the new notion of Quantitative Masking Strength (QMS) to estimate the amount of information leakage from software through side channels. The QMS can be automatically computed from the source code of a countermeasure implementation. Our experiments, based on side-channel measurements on real devices, show that the QMS accurately quantifies the side-channel resistance of the software implementation.
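The abstract says only that QMS estimates how much a masked intermediate still leaks about the secret and that it can be computed from source. The script below is an added example, not the paper's tool or its exact definition: it implements one reading of that idea (an assumption on my part) by brute force. For each public input value it enumerates every assignment of the random mask bits, builds the distribution of an intermediate's value under each secret value, and reports 1 minus the largest gap between any two of those distributions, so 1.0 means the intermediate's distribution never depends on the secret and 0.0 means some value occurs for one secret and never for another. The intermediates (an unmasked XOR, a correctly masked XOR, a masked AND that reuses one mask on both operands, and the same AND with an independent mask per operand) are constructed for the example; the leakage model (value-based, first order, no transitions or glitches) and the scale are assumptions, and the paper's own definition and SMT-based computation should be taken from the paper.

```python
"""Added example: exhaustive masking-strength estimate for tiny bitwise
intermediates. Not the QMS tool from the paper; the metric below is an
assumed, QMS-like reading of the abstract (1 minus the largest difference,
over any fixed public input, between the value distributions an intermediate
has under two different secret values)."""
from collections import Counter
from itertools import combinations


def value_distribution(intermediate, secret, public, n_random):
    """Probability of each value of `intermediate` when the random input
    ranges uniformly over all 2**n_random assignments, with the secret and
    public inputs held fixed."""
    n_r = 1 << n_random
    counts = Counter(intermediate(secret, public, r) for r in range(n_r))
    return {v: c / n_r for v, c in counts.items()}


def max_secret_dependence(intermediate, n_secret, n_public, n_random):
    """Largest |Pr(I=v | x, k) - Pr(I=v | x, k')| over every public input x,
    every pair of secret values k, k' and every value v of the intermediate.
    0.0: the distribution never depends on the secret (perfectly masked).
    1.0: some value occurs for one secret and never for another."""
    worst = 0.0
    for public in range(1 << n_public):
        dists = [value_distribution(intermediate, s, public, n_random)
                 for s in range(1 << n_secret)]
        values = set().union(*dists)
        for d1, d2 in combinations(dists, 2):
            for v in values:
                worst = max(worst, abs(d1.get(v, 0.0) - d2.get(v, 0.0)))
    return worst


def masking_strength(intermediate, n_secret=1, n_public=1, n_random=1):
    """Assumed QMS-like scale: 1.0 = perfectly masked, 0.0 = fully leaking."""
    return 1.0 - max_secret_dependence(intermediate, n_secret, n_public, n_random)


# Constructed one-bit intermediates for the example. k = secret key bit,
# x = public input bit, r = integer whose low bits are the fresh mask bits.
def unmasked(k, x, r):
    return k ^ x                      # key bit combined with public data, no mask


def xor_masked(k, x, r):
    return k ^ (r & 1)                # key bit hidden by one fresh mask bit


def and_mask_reused(k, x, r):
    m = r & 1                         # the same mask bit on both AND operands
    return (k ^ m) & (x ^ m)          # flawed: the shared mask partly cancels


def and_two_masks(k, x, r):
    m1, m2 = r & 1, (r >> 1) & 1      # an independent mask bit per operand
    return (k ^ m1) & (x ^ m2)


def report():
    """Masking strength of each constructed intermediate, keyed by name."""
    return {
        "unmasked": masking_strength(unmasked, n_random=1),
        "xor_masked": masking_strength(xor_masked, n_random=1),
        "and_mask_reused": masking_strength(and_mask_reused, n_random=1),
        "and_two_masks": masking_strength(and_two_masks, n_random=2),
    }


if __name__ == "__main__":
    for name, strength in report().items():
        print(f"{name:16s} strength = {strength:.2f}")
```

The reused-mask AND comes out at 0.5: for a fixed public bit, one key value makes the output a uniform random bit while the other forces it to a constant, which is exactly the kind of partially masked intermediate a DPA attack can exploit even though every operand looks masked in the source. Giving each operand its own mask restores 1.0. Enumeration like this is exponential in the number of input bits and is only practical for toy expressions; the paper's point is that the metric can instead be derived from the C source automatically, which is what makes it usable on real countermeasure code.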


Cited By

  • (2024) Compositional Verification of First-Order Masking Countermeasures against Power Side-Channel Attacks. ACM Transactions on Software Engineering and Methodology 33(3):1-38, 14 Mar 2024. doi:10.1145/3635707
  • (2024) Information-Theoretic Evaluation. In: Mathematical Foundations for Side-Channel Analysis of Cryptographic Systems, pp. 221-266, 12 Jul 2024. doi:10.1007/978-3-031-64399-6_5
  • (2023) LeakageVerif: Efficient and Scalable Formal Verification of Leakage in Symbolic Expressions. IEEE Transactions on Software Engineering, pp. 1-16, 2023. doi:10.1109/TSE.2023.3252671
  • (2022) Cache Refinement Type for Side-Channel Detection of Cryptographic Software. Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, pp. 1583-1597, 7 Nov 2022. doi:10.1145/3548606.3560672
  • (2022) Symbolic Predictive Cache Analysis for Out-of-Order Execution. Fundamental Approaches to Software Engineering, pp. 163-183, 29 Mar 2022. doi:10.1007/978-3-030-99429-7_10
  • (2021) Cumulant Expansion of Mutual Information for Quantifying Leakage of a Protected Secret. 2021 IEEE International Symposium on Information Theory (ISIT), pp. 2596-2601, 12 Jul 2021. doi:10.1109/ISIT45174.2021.9517886
  • (2020) SpecuSym. Proceedings of the ACM/IEEE 42nd International Conference on Software Engineering, pp. 1235-1247, 27 Jun 2020. doi:10.1145/3377811.3380428
  • (2020) Formal verification of masking countermeasures for arithmetic programs. Proceedings of the 35th IEEE/ACM International Conference on Automated Software Engineering, pp. 1385-1387, 21 Dec 2020. doi:10.1145/3324884.3418920
  • (2020) Formal Verification of Masking Countermeasures for Arithmetic Programs. IEEE Transactions on Software Engineering, 2020. doi:10.1109/TSE.2020.3008852
  • (2020) Moving Target Defense Mechanism for Side-Channel Attacks. IEEE Systems Journal 14(2):1810-1819, Jun 2020. doi:10.1109/JSYST.2019.2922589

Published In

DAC '14: Proceedings of the 51st Annual Design Automation Conference
June 2014
1249 pages
ISBN:9781450327305
DOI:10.1145/2593069

Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. SMT solver
  2. Side channel attack
  3. countermeasure
  4. differential power analysis
  5. quantitative masking strength

Qualifiers

  • Research-article
  • Research
  • Refereed limited

Conference

DAC '14

Acceptance Rates

Overall Acceptance Rate 1,770 of 5,499 submissions, 32%
