Compiler-Assisted Loop Hardening Against Fault Attacks

Julien Proy (1), Karine Heydemann (2, 3), Alexandre Berzati (1), Albert Cohen (4)
(3) ALSOC - Architecture et Logiciels pour Systèmes Embarqués sur Puce, LIP6 - Laboratoire d'Informatique de Paris 6
(4) Parkas - Parallélisme de Kahn Synchrone, DI-ENS - Département d'informatique de l'École normale supérieure, CNRS - Centre National de la Recherche Scientifique, Inria de Paris
Abstract: Secure elements widely used in smartphones, digital consumer electronics, and payment systems are subject to fault attacks. To thwart such attacks, software protections are manually inserted, requiring experts and time. The explosion of the Internet of Things (IoT) in home, business, and public spaces motivates the hardening of a wider class of applications and the need to offer security solutions to non-experts. This article addresses the automated protection of loops at compilation time, covering the widest range of control- and data-flow patterns, in both shape and complexity. The security property we consider is that a sensitive loop must always perform the expected number of iterations; otherwise, an attack must be reported. We propose a generic compile-time loop hardening scheme based on the duplication of termination conditions and of the computations involved in the evaluation of such conditions. We also investigate how to preserve the security property along the compilation flow while enabling aggressive optimizations. We implemented this algorithm in LLVM 4.0 at the Intermediate Representation (IR) level in the backend. On average, the compiler automatically hardens 95% of the sensitive loops of typical security benchmarks, and 98% of these loops are shown to be robust to simulated faults. Performance and code size overhead remain quite affordable, at 12.5% and 14%, respectively.
Document type: Journal article
ACM Transactions on Architecture and Code Optimization, Association for Computing Machinery, 2017, 14 (4), pp.36. 〈10.1145/3141234〉

https://hal.sorbonne-universite.fr/hal-01657542
Contributor: Karine Heydemann
Submitted on: Wednesday, December 6, 2017 - 19:26:08
Last modified on: Monday, June 4, 2018 - 10:14:02

Citation

Julien Proy, Karine Heydemann, Alexandre Berzati, Albert Cohen. Compiler-Assisted Loop Hardening Against Fault Attacks. ACM Transactions on Architecture and Code Optimization, Association for Computing Machinery, 2017, 14 (4), pp.36. 〈10.1145/3141234〉. 〈hal-01657542〉
