Automated so ware protection for the masses against side-channel a acks

ing with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior speci c permission and/or a fee. Request permissions from permissions@acm.org. © 2017 ACM. XXXX-XXXX/2017/1-ART1 $15.00 DOI: 10.1145/nnnnnnn.nnnnnnn ACM Transactions on Architecture and Code Optimization, Vol. 1, No. 1, Article 1. Publication date: January 2017. hardware or the application code to protect (for example masking). Several works have shown that polymorphism is an e ective software countermeasure against side-channel attack [5, 8, 18, 19]. The idea is to obtain a di erent behaviour from one execution to the next one so that each side-channel observation di ers, thus e ectively increasing the di culty to recover the secret data. Tools have been proposed by researchers to help developers to apply polymorphism on their code. Polymorphism was implemented by generating code variants statically (multi-versioning) [7], or by generating code variants at runtime [5, 18]. When variants are generated statically, the number of variants is limited by the nal size of the program, as generating more variants induces an increase of code size. By contrast, tools that use runtime generation su er from other drawbacks: (1) runtime code generation is usually avoided in embedded systems because of the potential vulnerability introduced by the need to access some segments of program memory with both write and execution permissions; (2) lightweight runtime code generation lacks genericity, e.g., is applied on JIT-generated code only [24] or relies on a Domain Speci c Language [18]. In this paper, we present a generic approach supported by a tool, named Odo, which enables to automatically protect any software component against side-channel attacks with runtime code polymorphism. Our key idea is to base the polymorphic code generation on specialized runtime generators, which can only generate code for the targeted function to harden. Furthermore, our approach leverages compilation to automatically generate the specialized generator for any function speci ed by the developer. Specialisation with compilation reduces the computational overhead incurred by runtime code generation. It takes advantage of a compilation ow to gather static information and to optimize the code produced at runtime. Specialisation with compilation also enables a precise static allocation of memory. As a consequence it makes possible the deployment of mitigations to the concerns related to runtime code generation in embedded systems (i.e., restrict write permissions on program memory), and the use of the proposed approach in embedded systems with limited memory resources. At runtime, the specialized generators use the available static information and several runtime code transformations to generate a di erent code e ciently and periodically. Some transformations have already been shown e ective against several types of side-channel attacks: register shu ing, instruction shu ing, semantic variants and insertion of noise instructions. The specialized generators can also use a new and so-called dynamic noise instructions to introduce more variability even between consecutive executions of the same generated code. As every transformation can be enabled/disabled or tuned, the proposed approach o ers a high level of polymorphism con gurability. In the experimental results, we rst analyse in details an AES use case by considering 17 different con gurations of polymorphism among the large set of possible con gurations owing to the con gurability of our approach. We assess the security level of the hardened AES with two di erent evaluation criteria nowadays in use for the evaluation of side-channel countermeasures: non-speci c t-tests, to assess the absence of information leakage, and Correlation Power Analysis (CPA). The security evaluation based on t-tests show that several levels of security can be reached. We also analyse the impact of the di erent transformations on security and performance. This gives some insight on ways to satisfy some security and performance requirements. Finally, we present a methodology to nd a con guration leading to a good trade-o between security and performance. Following it, we select 3 con gurations with di erent security and performance trade-o s. The results of a CPA attack that targets the weakest of these con gurations in terms of security revealed that attacking it is 13,000 folds as hard as attacking the reference unprotected implementation. As our approach is fully automatic, we also evaluate the code size and runtime overheads considering 15 benchmarks and the 3 selected con gurations. The evaluation shows that (1) the overheads are small enough so that our approach is applicable even on highly constrained systems and (2) it is very competitive compared to the state of the art. Indeed, code generation is highly e cient and is an order of magnitude faster than similar state-of-the-art approach. Thus, experimental results demonstrate the versatility and the strength of our approach: it matches the needs in terms of security, thanks to a high behavioural variability, while incurring an acceptable performance overhead; its high con gurability enables to adjust performance and security levels for a particular case, such that polymorphism can be deployed easily on a wide variety of programs; it removes the traditional concerns about runtime code generation, reaching the same con dence level as static multi-versionning approaches with lower overheads. This rest of this paper is organized as follows: Section 2 gives some background on side-channel attacks and existing software protections, and Section 3 details our threat model. Our approach and its implementation in Odo are presented in Section 4; Section 5 is dedicated to the memory management. The experimental evaluation is presented in Section 6. Section 7 is devoted to a comparison with the closest existing approaches. Related work are presented in Section 8 before concluding in Section 9.