Sponge-Based Control-Flow Protection for IoT Devices

Mario Werner, Thomas Unterluggauer, David Schaffenrath, Stefan Mangard

Research output: Chapter in Book/Report/Conference proceedingConference paperpeer-review

Abstract

Embedded devices in the Internet of Things (IoT) face a wide variety of security challenges. For example, software attackers perform code injection and code-reuse attacks on their remote interfaces, and physical access to IoT devices allows to tamper with code in memory, steal confidential Intellectual Property (IP), or mount fault attacks to manipulate a CPU's control flow.
In this work, we present Sponge-based Control Flow Protection (SCFP). SCFP is a stateful, sponge-based scheme to ensure the confidentiality of software IP and its authentic execution on IoT devices. At compile time, SCFP encrypts and authenticates software with instruction-level granularity. During execution, an SCFP hardware extension between the CPU's fetch and decode stage continuously decrypts and authenticates instructions. Sponge-based authenticated encryption in SCFP yields fine-grained control-flow integrity and thus prevents code-reuse, code-injection, and fault attacks on the code and the control flow. In addition, SCFP withstands any modification of software in memory. For evaluation, we extended a RISC-V core with SCFP and fabricated a real System on Chip (SoC). The average overhead in code size and execution time of SCFP on this design is 19.8% and 9.1%, respectively, and thus meets the requirements of embedded IoT devices.
Original languageEnglish
Title of host publication2018 IEEE European Symposium on Security and Privacy
PublisherInstitute of Electrical and Electronics Engineers
Publication statusPublished - 2018
Event2018 IEEE European Symposium on Security and Privacy - London, United Kingdom
Duration: 24 Apr 201826 Apr 2018

Conference

Conference2018 IEEE European Symposium on Security and Privacy
Abbreviated titleEuroS&P 2018
Country/TerritoryUnited Kingdom
CityLondon
Period24/04/1826/04/18

Keywords

  • control-flow protection
  • fault attacks
  • countermeasures
  • authenticated encryption
  • sponges

Fingerprint

Dive into the research topics of 'Sponge-Based Control-Flow Protection for IoT Devices'. Together they form a unique fingerprint.

Cite this