The growing Internet of Things (IoT) market demands side-channel attack resistant, efficient, cryptographic implementations. Such implementations, however, are microarchitecture-specific, and cannot be implemented without an in-depth structural knowledge of the CPU and memory information leakage patterns; a description of such information leakages is presently not disclosed by any processor design company. In this work we propose the first Instruction Set Architecture (ISA) level framework for microarchitectural leakage characterization. Our framework allows to extract a microarchitectural leakage profile from any superscalar in-order processor; we infer detailed pipeline characteristics through the observation of instruction timings, and provide an identification of the datapath registers via a side-channel measuring setup. The extracted model can serve as a foundation for building solid countermeasures against side-channel attacks on software cryptographic implementations. We validate the extracted models on the ARM Cortex-M4 and ARM Cortex-M7 CPUs, the latter being the most powerful CPU of the ARM microcontrollers offer. Finally, as a further demonstration of our model’s accuracy, we mount a successful attack on unprotected AES implementations for each of the examined platforms.

Exploring Cortex-M Microarchitectural Side Channel Information Leakage

Barenghi A.;Breveglieri L.;Izzo N.;Pelosi G.
2021

Abstract

The growing Internet of Things (IoT) market demands side-channel attack resistant, efficient, cryptographic implementations. Such implementations, however, are microarchitecture-specific, and cannot be implemented without an in-depth structural knowledge of the CPU and memory information leakage patterns; a description of such information leakages is presently not disclosed by any processor design company. In this work we propose the first Instruction Set Architecture (ISA) level framework for microarchitectural leakage characterization. Our framework allows to extract a microarchitectural leakage profile from any superscalar in-order processor; we infer detailed pipeline characteristics through the observation of instruction timings, and provide an identification of the datapath registers via a side-channel measuring setup. The extracted model can serve as a foundation for building solid countermeasures against side-channel attacks on software cryptographic implementations. We validate the extracted models on the ARM Cortex-M4 and ARM Cortex-M7 CPUs, the latter being the most powerful CPU of the ARM microcontrollers offer. Finally, as a further demonstration of our model’s accuracy, we mount a successful attack on unprotected AES implementations for each of the examined platforms.
IEEE ACCESS
Computer Security
Correlation Power Analysis
Cryptography
Embedded Systems Security
Microarchitectural Reverse Engineering
Microarchitecture
Side Channel Attack Countermeasures
Side-channel attacks
File in questo prodotto:
File Dimensione Formato  
Exploring_Cortex-M_Microarchitectural_Side_Channel_Information_Leakage.pdf

accesso aperto

Descrizione: main paper
: Publisher’s version
Dimensione 6.64 MB
Formato Adobe PDF
6.64 MB Adobe PDF Visualizza/Apri

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: http://hdl.handle.net/11311/1191836
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 0
  • ???jsp.display-item.citation.isi??? 0
social impact