Securing Conditional Branches in the Presence of Fault Attacks

Publikation: Beitrag in Buch/Bericht/KonferenzbandBeitrag in einem Konferenzband

Abstract

In typical software, many comparisons and subsequent branch operations are highly critical in terms of security. Examples include password checks, signature checks, secure boot, and user privilege checks. For embedded devices, these security-critical branches are a preferred target of fault attacks as a single bit flip or skipping a single instruction can lead to complete access to a system. In the past, numerous redundancy schemes have been proposed in order to provide control-flow-integrity (CFI) and to enable error detection on processed data. However, current countermeasures for general purpose software do not provide protection mechanisms for conditional branches. Hence, critical branches are in practice often simply duplicated. We present a generic approach to protect conditional branches, which links an encoding-based comparison result with the redundancy of CFI protection mechanisms. The presented approach can be used for all types of data encodings and CFI mechanisms and maintains their error-detection capabilities throughout all steps of a conditional branch. We demonstrate our approach by realizing an encoded comparison based on AN-codes, which is a frequently used encoding scheme to detect errors on data during arithmetic operations. We extended the LLVM compiler so that standard code and conditional branches can be protected automatically and analyze its security. Our design shows that the overhead in terms of size and runtime is lower than state-of-the-art duplication schemes.
Originalsprachedeutsch
TitelDesign, Automation & Test in Europe Conference - DATE 2018
UntertitelInstitute of Electrical and Electronics Engineers
DOIs
PublikationsstatusVeröffentlicht - Mär 2018
VeranstaltungDesign, Automation & Test in Europe Conference 2018 - Dresden, Deutschland
Dauer: 19 Mär 201823 Mär 2018

Konferenz

KonferenzDesign, Automation & Test in Europe Conference 2018
LandDeutschland
Zeitraum19/03/1823/03/18

Schlagwörter

  • control-flow integrity
  • countermeasures
  • conditional branch
  • fault attacks

Dieses zitieren