Concealing Secrets in Embedded Processors Designs

Hannes Groß, Manuel Jelinek, Stefan Mangard, Thomas Unterluggauer, Mario Werner

Research output: Chapter in Book/Report/Conference proceedingConference contributionResearchpeer-review

Abstract

Side-channel analysis (SCA) attacks pose a serious threat to embedded systems. So far, the research on masking as a countermeasure against SCA focuses merely on cryptographic algorithms, and has either been implemented for particular hardware or software implementations. However, the drawbacks of protecting specific implementations are the lack of flexibility in terms of used algorithms, the impossibility to update protected hardware implementations, and long development cycles for protecting new algorithms. Furthermore, cryptographic algorithms are usually just one part of an embedded system that operates on informational assets. Protecting only this part of a system is thus not sufficient for most security critical embedded applications.

In this work, we introduce a flexible, SCA-protected processor design based on the open-source V-scale RISC-V processor. The introduced processor design can be synthesized to defeat SCA attacks of arbitrary attack order. Once synthesized, the processor protects the computation on security-sensitive data against side-channel leakage. The benefits of our approach are (1) flexibility and updatability, (2) faster development of SCA-protected systems, (3) transparency for software developers, (4) arbitrary SCA protection level, (5) protection not only for cryptographic algorithms, but against leakage in general caused by processing sensitive data.
Original languageEnglish
Title of host publication15th Smart Card Research and Advanced Application Conference - CARDIS 2016
Pages89-104
DOIs
Publication statusPublished - 2017
Event15th Smart Card Research and Advanced Application Conference : 15th Smart Card Research and Advanced Application Conference - Cannes, France
Duration: 7 Nov 20169 Nov 2016

Conference

Conference15th Smart Card Research and Advanced Application Conference
Abbreviated titleCARDIS
CountryFrance
CityCannes
Period7/11/169/11/16

Fingerprint

Embedded systems
Hardware
Reduced instruction set computing
Transparency
Processing

Keywords

  • protected CPU
  • domain-oriented masking
  • masking
  • side-channel protection
  • threshold implementations
  • RISC-V
  • V-scale

Cite this

Groß, H., Jelinek, M., Mangard, S., Unterluggauer, T., & Werner, M. (2017). Concealing Secrets in Embedded Processors Designs. In 15th Smart Card Research and Advanced Application Conference - CARDIS 2016 (pp. 89-104) https://doi.org/10.1007/978-3-319-54669-8_6

Concealing Secrets in Embedded Processors Designs. / Groß, Hannes; Jelinek, Manuel; Mangard, Stefan; Unterluggauer, Thomas; Werner, Mario.

15th Smart Card Research and Advanced Application Conference - CARDIS 2016. 2017. p. 89-104.

Research output: Chapter in Book/Report/Conference proceedingConference contributionResearchpeer-review

Groß, H, Jelinek, M, Mangard, S, Unterluggauer, T & Werner, M 2017, Concealing Secrets in Embedded Processors Designs. in 15th Smart Card Research and Advanced Application Conference - CARDIS 2016. pp. 89-104, 15th Smart Card Research and Advanced Application Conference , Cannes, France, 7/11/16. https://doi.org/10.1007/978-3-319-54669-8_6
Groß H, Jelinek M, Mangard S, Unterluggauer T, Werner M. Concealing Secrets in Embedded Processors Designs. In 15th Smart Card Research and Advanced Application Conference - CARDIS 2016. 2017. p. 89-104 https://doi.org/10.1007/978-3-319-54669-8_6
Groß, Hannes ; Jelinek, Manuel ; Mangard, Stefan ; Unterluggauer, Thomas ; Werner, Mario. / Concealing Secrets in Embedded Processors Designs. 15th Smart Card Research and Advanced Application Conference - CARDIS 2016. 2017. pp. 89-104
@inproceedings{5ee6d7081364450e87d919c536745a7e,
title = "Concealing Secrets in Embedded Processors Designs",
abstract = "Side-channel analysis (SCA) attacks pose a serious threat to embedded systems. So far, the research on masking as a countermeasure against SCA focuses merely on cryptographic algorithms, and has either been implemented for particular hardware or software implementations. However, the drawbacks of protecting specific implementations are the lack of flexibility in terms of used algorithms, the impossibility to update protected hardware implementations, and long development cycles for protecting new algorithms. Furthermore, cryptographic algorithms are usually just one part of an embedded system that operates on informational assets. Protecting only this part of a system is thus not sufficient for most security critical embedded applications.In this work, we introduce a flexible, SCA-protected processor design based on the open-source V-scale RISC-V processor. The introduced processor design can be synthesized to defeat SCA attacks of arbitrary attack order. Once synthesized, the processor protects the computation on security-sensitive data against side-channel leakage. The benefits of our approach are (1) flexibility and updatability, (2) faster development of SCA-protected systems, (3) transparency for software developers, (4) arbitrary SCA protection level, (5) protection not only for cryptographic algorithms, but against leakage in general caused by processing sensitive data.",
keywords = "protected CPU, domain-oriented masking, masking, side-channel protection, threshold implementations, RISC-V, V-scale",
author = "Hannes Gro{\ss} and Manuel Jelinek and Stefan Mangard and Thomas Unterluggauer and Mario Werner",
year = "2017",
doi = "10.1007/978-3-319-54669-8_6",
language = "English",
pages = "89--104",
booktitle = "15th Smart Card Research and Advanced Application Conference - CARDIS 2016",

}

TY - GEN

T1 - Concealing Secrets in Embedded Processors Designs

AU - Groß, Hannes

AU - Jelinek, Manuel

AU - Mangard, Stefan

AU - Unterluggauer, Thomas

AU - Werner, Mario

PY - 2017

Y1 - 2017

N2 - Side-channel analysis (SCA) attacks pose a serious threat to embedded systems. So far, the research on masking as a countermeasure against SCA focuses merely on cryptographic algorithms, and has either been implemented for particular hardware or software implementations. However, the drawbacks of protecting specific implementations are the lack of flexibility in terms of used algorithms, the impossibility to update protected hardware implementations, and long development cycles for protecting new algorithms. Furthermore, cryptographic algorithms are usually just one part of an embedded system that operates on informational assets. Protecting only this part of a system is thus not sufficient for most security critical embedded applications.In this work, we introduce a flexible, SCA-protected processor design based on the open-source V-scale RISC-V processor. The introduced processor design can be synthesized to defeat SCA attacks of arbitrary attack order. Once synthesized, the processor protects the computation on security-sensitive data against side-channel leakage. The benefits of our approach are (1) flexibility and updatability, (2) faster development of SCA-protected systems, (3) transparency for software developers, (4) arbitrary SCA protection level, (5) protection not only for cryptographic algorithms, but against leakage in general caused by processing sensitive data.

AB - Side-channel analysis (SCA) attacks pose a serious threat to embedded systems. So far, the research on masking as a countermeasure against SCA focuses merely on cryptographic algorithms, and has either been implemented for particular hardware or software implementations. However, the drawbacks of protecting specific implementations are the lack of flexibility in terms of used algorithms, the impossibility to update protected hardware implementations, and long development cycles for protecting new algorithms. Furthermore, cryptographic algorithms are usually just one part of an embedded system that operates on informational assets. Protecting only this part of a system is thus not sufficient for most security critical embedded applications.In this work, we introduce a flexible, SCA-protected processor design based on the open-source V-scale RISC-V processor. The introduced processor design can be synthesized to defeat SCA attacks of arbitrary attack order. Once synthesized, the processor protects the computation on security-sensitive data against side-channel leakage. The benefits of our approach are (1) flexibility and updatability, (2) faster development of SCA-protected systems, (3) transparency for software developers, (4) arbitrary SCA protection level, (5) protection not only for cryptographic algorithms, but against leakage in general caused by processing sensitive data.

KW - protected CPU

KW - domain-oriented masking

KW - masking

KW - side-channel protection

KW - threshold implementations

KW - RISC-V

KW - V-scale

U2 - 10.1007/978-3-319-54669-8_6

DO - 10.1007/978-3-319-54669-8_6

M3 - Conference contribution

SP - 89

EP - 104

BT - 15th Smart Card Research and Advanced Application Conference - CARDIS 2016

ER -