Compiler-Assisted Loop Hardening Against Fault Attacks - Sorbonne Université
Article Dans Une Revue ACM Transactions on Architecture and Code Optimization Année : 2017

Compiler-Assisted Loop Hardening Against Fault Attacks

Julien Proy
  • Fonction : Auteur
Alexandre Berzati
  • Fonction : Auteur
Albert Cohen

Résumé

Secure elements widely used in smartphones, digital consumer electronics, and payment systems are subject to fault attacks. To thwart such attacks, software protections are manually inserted requiring experts and time. The explosion of the Internet of Things (IoT) in home, business, and public spaces motivates the hardening of a wider class of applications and the need to offer security solutions to non-experts. This article addresses the automated protection of loops at compilation time, covering the widest range of control- and data-flow patterns, in both shape and complexity. The security property we consider is that a sensitive loop must always perform the expected number of iterations; otherwise, an attack must be reported. We propose a generic compile-time loop hardening scheme based on the duplication of termination conditions and of the computations involved in the evaluation of such conditions. We also investigate how to preserve the security property along the compilation flow while enabling aggressive optimizations. We implemented this algorithm in LLVM 4.0 at the Intermediate Representation (IR) level in the backend. On average, the compiler automatically hardens 95% of the sensitive loops of typical security benchmarks, and 98% of these loops are shown to be robust to simulated faults. Performance and code size overhead remain quite affordable, at 12.5% and 14%, respectively.

Dates et versions

hal-01657542 , version 1 (06-12-2017)

Identifiants

Citer

Julien Proy, Karine Heydemann, Alexandre Berzati, Albert Cohen. Compiler-Assisted Loop Hardening Against Fault Attacks. ACM Transactions on Architecture and Code Optimization, 2017, 14 (4), pp.36. ⟨10.1145/3141234⟩. ⟨hal-01657542⟩
422 Consultations
0 Téléchargements

Altmetric

Partager

More