Formal Verification of Software Countermeasures against Side-Channel Attacks

Published: 23 December 2014

Abstract

A common strategy for designing countermeasures against power-analysis-based side-channel attacks is to use random masking techniques to remove the statistical dependency between sensitive data and side-channel emissions. However, this process is both labor intensive and error prone, and there is currently a lack of automated tools to formally assess how secure a countermeasure really is. We propose the first SMT-solver-based method for formally verifying the security of a masking countermeasure against such attacks. In addition to checking whether the sensitive data are masked by random variables, we also check whether they are perfectly masked, that is, whether the intermediate computation results in the implementation of a cryptographic algorithm are independent of the secret key. We encode this verification problem as a series of quantifier-free first-order logic formulas, whose satisfiability can be decided by an off-the-shelf SMT solver. We have implemented the proposed method in a software verification tool based on the LLVM compiler frontend and the Yices SMT solver. Our experiments on a set of recently proposed masking countermeasures for cryptographic algorithms such as AES and MAC-Keccak show that the method is both effective in detecting power side-channel leaks and scalable for practical use.
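The "perfectly masked" criterion in the abstract can be stated concretely: an intermediate value is perfectly masked if, for every plaintext, its probability distribution over the random masks is the same for every key. The following added example (not the paper's tool, which encodes this question as SMT formulas) checks that criterion by exhaustive enumeration over small bit-widths, on three constructed intermediates: a masked key, a masked AND whose two operands share one mask, and a masked AND with independent masks.

```python
from collections import Counter
from itertools import product

MASK_BITS = 1  # bit-width of k, p and each mask; enumeration is exhaustive, so keep it small


def distribution(f, k, p, n_rand, nbits=MASK_BITS):
    """Histogram of the intermediate f(k, p, r1, ..., rn) over all values of the n masks."""
    width = (1 << nbits) - 1
    counts = Counter()
    for masks in product(range(1 << nbits), repeat=n_rand):
        counts[f(k, p, *masks) & width] += 1
    return counts


def find_leak(f, n_rand, nbits=MASK_BITS):
    """Return a witness (p, k1, k2) for which the distribution of f differs between
    keys k1 and k2, i.e. f is NOT perfectly masked; None if no such witness exists."""
    for p in range(1 << nbits):
        dists = {k: distribution(f, k, p, n_rand, nbits) for k in range(1 << nbits)}
        for k1 in dists:
            for k2 in dists:
                if k1 < k2 and dists[k1] != dists[k2]:
                    return p, k1, k2
    return None


def is_perfectly_masked(f, n_rand, nbits=MASK_BITS):
    return find_leak(f, n_rand, nbits) is None


# Constructed intermediates (bitwise operations on nbits-wide values); r1, r2 are uniform masks.
def xor_masked_key(k, p, r1):
    return k ^ r1                   # masked and perfectly masked


def and_shared_mask(k, p, r1):
    return (k ^ r1) & (p ^ r1)      # both operands masked, but the mask is reused


def and_fresh_masks(k, p, r1, r2):
    return (k ^ r1) & (p ^ r2)      # each operand carries its own independent mask


if __name__ == "__main__":
    for name, f, n in [("k ^ r1", xor_masked_key, 1),
                       ("(k ^ r1) & (p ^ r1)", and_shared_mask, 1),
                       ("(k ^ r1) & (p ^ r2)", and_fresh_masks, 2)]:
        w = find_leak(f, n)
        print(name, "perfectly masked" if w is None else f"leak witness (p, k1, k2) = {w}")
```

With the shared mask, p = 0 gives r1 for k = 0 but the constant 0 for k = 1, so the intermediate is masked yet its distribution still reveals the key; with fresh masks the AND is 1 with probability 1/4 for every key.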


Published In

ACM Transactions on Software Engineering and Methodology  Volume 24, Issue 2
December 2014
224 pages
ISSN:1049-331X
EISSN:1557-7392
DOI:10.1145/2702120
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 23 December 2014
Accepted: 01 September 2014
Revised: 01 August 2014
Received: 01 June 2014
Published in TOSEM Volume 24, Issue 2

Author Tags

  1. AES
  2. MAC-Keccak
  3. Side-channel attack
  4. countermeasure
  5. cryptographic software
  6. differential power analysis
  7. perfect masking
  8. satisfiability modulo theory (SMT)

Qualifiers

  • Research-article
  • Research
  • Refereed

Article Metrics

  • Downloads (Last 12 months)69
  • Downloads (Last 6 weeks)7
Reflects downloads up to 01 Nov 2024

Cited By

  • (2024) Compositional Verification of First-Order Masking Countermeasures against Power Side-Channel Attacks. ACM Transactions on Software Engineering and Methodology 33(3), 1-38. doi:10.1145/3635707. Online publication date: 14-Mar-2024.
  • (2023) HyPFuzz. Proceedings of the 32nd USENIX Conference on Security Symposium, 1361-1378. doi:10.5555/3620237.3620314. Online publication date: 9-Aug-2023.
  • (2023) Compositional Verification of Efficient Masking Countermeasures against Side-Channel Attacks. Proceedings of the ACM on Programming Languages 7(OOPSLA2), 1817-1847. doi:10.1145/3622862. Online publication date: 16-Oct-2023.
  • (2023) Oblivious Paxos. Proceedings of the 2023 ACM Symposium on Cloud Computing, 65-80. doi:10.1145/3620678.3624647. Online publication date: 30-Oct-2023.
  • (2023) Netlist Whisperer: AI and NLP Fight Circuit Leakage! Proceedings of the 2023 Workshop on Attacks and Solutions in Hardware Security, 83-92. doi:10.1145/3605769.3623989. Online publication date: 30-Nov-2023.
  • (2023) Potential of Unsupervised Deep Learning for Detection of EM Side-Channel Attacks. 2023 IEEE Physical Assurance and Inspection of Electronics (PAINE), 1-6. doi:10.1109/PAINE58317.2023.10317979. Online publication date: 24-Oct-2023.
  • (2023) A Pre-Silicon Power Leakage Assessment Based on Generative Adversarial Networks. 2023 26th Euromicro Conference on Digital System Design (DSD), 87-94. doi:10.1109/DSD60849.2023.00022. Online publication date: 6-Sep-2023.
  • (2023) Securing Optimized Code Against Power Side Channels. 2023 IEEE 36th Computer Security Foundations Symposium (CSF), 340-355. doi:10.1109/CSF57540.2023.00016. Online publication date: Jul-2023.
  • (2023) Microarchitectural Side-Channel Threats, Weaknesses and Mitigations: A Systematic Mapping Study. IEEE Access 11, 48945-48976. doi:10.1109/ACCESS.2023.3275757. Online publication date: 2023.
  • (2023) Verified Verifying: SMT-LIB for Strings in Isabelle. Implementation and Application of Automata, 206-217. doi:10.1007/978-3-031-40247-0_15. Online publication date: 19-Sep-2023.
