{"title":"RISC CPU数据序列化效应导致信息泄露的对策","authors":"Qi Chen, Liang Liu, Xuesong Yan, Dongyan Zhao, Yidong Yuan, Hongmei Wu, Rui Tian","doi":"10.1145/3424978.3425052","DOIUrl":null,"url":null,"abstract":"Side-channel attacks (SCAs) utilize the side-channel information leakage of devices to obtain sensitive information, which have become one of the most prominent threats to the security of embedded systems. Information leakage induced by data serialization effects is a critical problem in designing countermeasures against SCAs. In this paper, information leakage induced by data serialization effects in a general-purpose RISC CPU with a three-stage pipeline is studied. The side-channel analysis is based on the netlist-level simulation to guarantee a \"clean room\" environment. Based on the implementation of SCAs by using correlation power analysis (CPA) method, information leakage is significant in the CPU and the correct key is successfully guessed with the help of only tens of power traces. Three countermeasures based on software and hardware are proposed and compared with consideration of CPU security, performance and power consumption. After implementing the countermeasures, the information leakage is reduced significantly and the anti-attack ability of the CPU is improved (up to four orders of magnitude). Moreover, when the countermeasures are implemented in actual noisy environment, the CPU security will be further improved. Reasonable compromise needs to be made between the CPU security and implementation overhead to choose suitable SCA-resistant countermeasures under different conditions.","PeriodicalId":178822,"journal":{"name":"Proceedings of the 4th International Conference on Computer Science and Application Engineering","volume":"38 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-10-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Countermeasures Against Information Leakage Induced by Data Serialization Effects in a RISC CPU\",\"authors\":\"Qi Chen, Liang Liu, Xuesong Yan, Dongyan Zhao, Yidong Yuan, Hongmei Wu, Rui Tian\",\"doi\":\"10.1145/3424978.3425052\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Side-channel attacks (SCAs) utilize the side-channel information leakage of devices to obtain sensitive information, which have become one of the most prominent threats to the security of embedded systems. Information leakage induced by data serialization effects is a critical problem in designing countermeasures against SCAs. In this paper, information leakage induced by data serialization effects in a general-purpose RISC CPU with a three-stage pipeline is studied. The side-channel analysis is based on the netlist-level simulation to guarantee a \\\"clean room\\\" environment. Based on the implementation of SCAs by using correlation power analysis (CPA) method, information leakage is significant in the CPU and the correct key is successfully guessed with the help of only tens of power traces. Three countermeasures based on software and hardware are proposed and compared with consideration of CPU security, performance and power consumption. After implementing the countermeasures, the information leakage is reduced significantly and the anti-attack ability of the CPU is improved (up to four orders of magnitude). Moreover, when the countermeasures are implemented in actual noisy environment, the CPU security will be further improved. Reasonable compromise needs to be made between the CPU security and implementation overhead to choose suitable SCA-resistant countermeasures under different conditions.\",\"PeriodicalId\":178822,\"journal\":{\"name\":\"Proceedings of the 4th International Conference on Computer Science and Application Engineering\",\"volume\":\"38 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2020-10-20\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 4th International Conference on Computer Science and Application Engineering\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3424978.3425052\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 4th International Conference on Computer Science and Application Engineering","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3424978.3425052","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Countermeasures Against Information Leakage Induced by Data Serialization Effects in a RISC CPU
Side-channel attacks (SCAs) utilize the side-channel information leakage of devices to obtain sensitive information, which have become one of the most prominent threats to the security of embedded systems. Information leakage induced by data serialization effects is a critical problem in designing countermeasures against SCAs. In this paper, information leakage induced by data serialization effects in a general-purpose RISC CPU with a three-stage pipeline is studied. The side-channel analysis is based on the netlist-level simulation to guarantee a "clean room" environment. Based on the implementation of SCAs by using correlation power analysis (CPA) method, information leakage is significant in the CPU and the correct key is successfully guessed with the help of only tens of power traces. Three countermeasures based on software and hardware are proposed and compared with consideration of CPU security, performance and power consumption. After implementing the countermeasures, the information leakage is reduced significantly and the anti-attack ability of the CPU is improved (up to four orders of magnitude). Moreover, when the countermeasures are implemented in actual noisy environment, the CPU security will be further improved. Reasonable compromise needs to be made between the CPU security and implementation overhead to choose suitable SCA-resistant countermeasures under different conditions.