Securing Conditional Branches in the Presence of Fault Attacks

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

In typical software, many comparisons and subsequent branch operations are highly critical in terms of security. Examples include password checks, signature checks, secure boot, and user privilege checks. For embedded devices, these security-critical branches are a preferred target of fault attacks as a single bit flip or skipping a single instruction can lead to complete access to a system. In the past, numerous redundancy schemes have been proposed in order to provide control-flow-integrity (CFI) and to enable error detection on processed data. However, current countermeasures for general purpose software do not provide protection mechanisms for conditional branches. Hence, critical branches are in practice often simply duplicated. We present a generic approach to protect conditional branches, which links an encoding-based comparison result with the redundancy of CFI protection mechanisms. The presented approach can be used for all types of data encodings and CFI mechanisms and maintains their error-detection capabilities throughout all steps of a conditional branch. We demonstrate our approach by realizing an encoded comparison based on AN-codes, which is a frequently used encoding scheme to detect errors on data during arithmetic operations. We extended the LLVM compiler so that standard code and conditional branches can be protected automatically and analyze its security. Our design shows that the overhead in terms of size and runtime is lower than state-of-the-art duplication schemes.
Original languageGerman
Title of host publicationDesign, Automation & Test in Europe Conference - DATE 2018
Subtitle of host publicationInstitute of Electrical and Electronics Engineers
DOIs
Publication statusPublished - Mar 2018
EventDesign, Automation & Test in Europe Conference 2018 - Dresden, Germany
Duration: 19 Mar 201823 Mar 2018

Conference

ConferenceDesign, Automation & Test in Europe Conference 2018
CountryGermany
Period19/03/1823/03/18

Cite this