Simulation Based Evaluation of Bit-Interaction Side-Channel Leakage on RISC-V Processor

Tamon Asano, T. Sugawara
{"title":"Simulation Based Evaluation of Bit-Interaction Side-Channel Leakage on RISC-V Processor","authors":"Tamon Asano, T. Sugawara","doi":"10.29007/5wq7","DOIUrl":null,"url":null,"abstract":"Masking is a promising countermeasure against side-channel attack, and share slic- ing is its efficient software implementation that stores all the shares in a single register to exploit the parallelism of Boolean instructions. However, the security of share slicing relies on the assumption of bit-independent leakage from those instructions. Gao et al. recently discovered a violation causing a security degradation, called the bit-interaction leakage, by experimentally evaluating ARM processors. However, its causality remained open because of the blackbox inside the target processors. In this paper, we approach this problem with simulation-based side-channel leakage evaluation using a RISC-V processor. More specifically, we use Western Digital’s open-source SweRV EH1 core as a target plat- form and measure its side-channel traces by running logic simulation and counting the number of signal transitions in the synthesized ALU netlist. We successfully replicate the bit-interaction leakage from a shifter using the simulated traces. By exploiting the flexi- bility of simulation-based analysis, we positively verify Gao et al.’s hypothesis on how the shifter causes the leakage. Moreover, we discover a new bit-interaction leakage from an arithmetic adder caused by carry propagation. Finally, we discuss hardware and software countermeasures against the bit-interaction leakage.","PeriodicalId":93549,"journal":{"name":"EPiC series in computing","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2021-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"EPiC series in computing","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.29007/5wq7","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0

Abstract

Masking is a promising countermeasure against side-channel attack, and share slic- ing is its efficient software implementation that stores all the shares in a single register to exploit the parallelism of Boolean instructions. However, the security of share slicing relies on the assumption of bit-independent leakage from those instructions. Gao et al. recently discovered a violation causing a security degradation, called the bit-interaction leakage, by experimentally evaluating ARM processors. However, its causality remained open because of the blackbox inside the target processors. In this paper, we approach this problem with simulation-based side-channel leakage evaluation using a RISC-V processor. More specifically, we use Western Digital’s open-source SweRV EH1 core as a target plat- form and measure its side-channel traces by running logic simulation and counting the number of signal transitions in the synthesized ALU netlist. We successfully replicate the bit-interaction leakage from a shifter using the simulated traces. By exploiting the flexi- bility of simulation-based analysis, we positively verify Gao et al.’s hypothesis on how the shifter causes the leakage. Moreover, we discover a new bit-interaction leakage from an arithmetic adder caused by carry propagation. Finally, we discuss hardware and software countermeasures against the bit-interaction leakage.
基于仿真的RISC-V处理器位交互侧信道泄漏评估
屏蔽是一种很有前途的对抗侧信道攻击的方法,共享分片是一种有效的软件实现,它将所有的共享存储在一个寄存器中,以利用布尔指令的并行性。然而,共享切片的安全性依赖于这些指令的位无关泄漏的假设。Gao等人最近通过实验评估ARM处理器,发现了一种导致安全性下降的违规行为,称为位交互泄漏。然而,由于目标处理器内部的黑盒子,它的因果关系仍然是开放的。在本文中,我们使用RISC-V处理器通过基于仿真的侧信道泄漏评估来解决这个问题。更具体地说,我们使用西部数据的开源SweRV EH1核心作为目标平台,并通过运行逻辑仿真和计算合成ALU网表中的信号转换次数来测量其侧通道走线。我们利用模拟走线成功地复制了移位器的位相互作用泄漏。通过利用基于仿真分析的灵活性,我们积极地验证了Gao等人关于换档器如何导致泄漏的假设。此外,我们还发现了由进位传播引起的算术加法器位交互泄漏。最后,我们讨论了防止位交互泄漏的硬件和软件对策。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
CiteScore
1.60
自引率
0.00%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信