Compiler-Assisted Loop Hardening Against Fault Attacks

Julien Proy 1 Karine Heydemann 2, 3 Alexandre Berzati 1 Albert Cohen 4
3 ALSOC - Architecture et Logiciels pour Systèmes Embarqués sur Puce
LIP6 - Laboratoire d'Informatique de Paris 6
4 Parkas - Parallélisme de Kahn Synchrone
Inria de Paris, DI-ENS - Département d'informatique de l'École normale supérieure, CNRS - Centre National de la Recherche Scientifique
Abstract : Secure elements widely used in smartphones, digital consumer electronics, and payment systems are subject to fault attacks. To thwart such attacks, software protections are manually inserted requiring experts and time. The explosion of the Internet of Things (IoT) in home, business, and public spaces motivates the hardening of a wider class of applications and the need to offer security solutions to non-experts. This article addresses the automated protection of loops at compilation time, covering the widest range of control- and data-flow patterns, in both shape and complexity. The security property we consider is that a sensitive loop must always perform the expected number of iterations; otherwise, an attack must be reported. We propose a generic compile-time loop hardening scheme based on the duplication of termination conditions and of the computations involved in the evaluation of such conditions. We also investigate how to preserve the security property along the compilation flow while enabling aggressive optimizations. We implemented this algorithm in LLVM 4.0 at the Intermediate Representation (IR) level in the backend. On average, the compiler automatically hardens 95% of the sensitive loops of typical security benchmarks, and 98% of these loops are shown to be robust to simulated faults. Performance and code size overhead remain quite affordable, at 12.5% and 14%, respectively.
Liste complète des métadonnées
Contributor : Karine Heydemann <>
Submitted on : Wednesday, December 6, 2017 - 7:26:08 PM
Last modification on : Friday, March 22, 2019 - 1:41:51 AM



Julien Proy, Karine Heydemann, Alexandre Berzati, Albert Cohen. Compiler-Assisted Loop Hardening Against Fault Attacks. ACM Transactions on Architecture and Code Optimization, Association for Computing Machinery, 2017, 14 (4), pp.36. ⟨10.1145/3141234⟩. ⟨hal-01657542⟩



Record views