Securing Memory Encryption and Authentication Against Side-Channel Attacks Using Unprotected Primitives

Thomas Unterluggauer, Mario Werner, Stefan Mangard

Research output: Chapter in Book/Report/Conference proceedingConference contributionResearchpeer-review

Abstract

Memory encryption is used in many devices to protect memory content from attackers with physical access to a device. However, many current memory encryption schemes can be broken using Differential Power Analysis (DPA). In this work, we present Meas—the first Memory Encryption and Authentication Scheme providing security against DPA attacks. The scheme combines ideas from fresh re-keying and authentication trees by storing encryption keys in a tree structure to thwart first-order DPA without the need for DPA-protected cryptographic primitives. Therefore, the design strictly limits the use of every key to encrypt at most two different plaintext values. Meas prevents higher-order DPA without changes to the cipher implementation by using masking of the plaintext values. Meas is applicable to all kinds of memory, e.g., NVM and RAM, and has memory overhead comparable to existing memory authentication techniques without DPA protection, e.g., 7.3% for a block size fitting standard disk sectors.
Original languageEnglish
Title of host publicationACM Asia Conference on Computer and Communications Security - ASIACCS'17
PublisherAssociation of Computing Machinery
Pages690-702
DOIs
Publication statusPublished - 2017
EventACM Asia Conference on Computer and Communications Security - Abu Dhabi, United Arab Emirates
Duration: 2 Apr 20176 Apr 2017

Conference

ConferenceACM Asia Conference on Computer and Communications Security
Abbreviated titleASIACCS
CountryUnited Arab Emirates
CityAbu Dhabi
Period2/04/176/04/17

Keywords

  • memory encryption
  • memory authentication
  • side-channel attack
  • DPA

Fingerprint Dive into the research topics of 'Securing Memory Encryption and Authentication Against Side-Channel Attacks Using Unprotected Primitives'. Together they form a unique fingerprint.

  • Cite this

    Unterluggauer, T., Werner, M., & Mangard, S. (2017). Securing Memory Encryption and Authentication Against Side-Channel Attacks Using Unprotected Primitives. In ACM Asia Conference on Computer and Communications Security - ASIACCS'17 (pp. 690-702). Association of Computing Machinery. https://doi.org/10.1145/3052973.3052985