The power consumption of a microprocessor is a huge channel for information leakage. While the most popular exploitation of this channel is to recover cryptographic keys from embedded devices, other applications such as mobile app fingerprinting, reverse engineering of firmware, and password recovery are growing threats. Countermeasures proposed so far are tuned to specific applications, such as crypto-implementations. They are not scalable to the large number and variety of applications that typically run on a general purpose microprocessor.In this paper, we investigate the design of a microprocessor, called PARAM with increased resistance to power based sidechannel attacks. To design PARAM, we start with identifying the most leaking modules in an open-source RISC V processor. We evaluate the leakage in these modules and then add suitable countermeasures. The countermeasures depend on the cause of leakage in each module and can vary from simple modifications of the HDL code ensuring secure translation by the EDA tools, to obfuscating data and address lines thus breaking correlation with the processor's power consumption. The resultant processor is instantiated on the SASEBO-GIII FPGA board and found to resist Differential Power Analysis even after one million power traces. Compared to contemporary countermeasures for power side-channel attacks, overheads in area and frequency are minimal.
A microprocessor is as secure as its weakest module. Depending on the application, the weakest module may be present in the hardware, micro-architecture, or a vulnerability in the software. For instance in a web-server, the biggest threats occur due to software vulnerabilities and due to information leakage in shared micro-architecture components. On the other hand, in an end-point IoT device, invasive and non-invasive hardware attacks such as Differential Power Analysis (DPA), are arguably the biggest threats.
In this paper we highlight some aspects of the development of a secure processor called Shakti-S. The processor is configurable and can cater to vulnerabilities in multiple layers. To protect against memory vulnerabilities that are common in applications, hardware enabled memory protection schemes are implemented. Fine-grained compartment capabilities permit the secure least-privilege software design methodology. In the micro-architecture, shared modules like cache memories are protected by moving target randomization mechanisms which can prevent most variants of cache timing attacks. In the hard-ware, critical information is masked to break correlation with the device’s power consumption, thus hardening the processor against strong side-channel attacks like the Differential Power Analysis.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.