Small Faults Grow Up - Verification of Error Masking Robustness in Arithmetically Encoded Programs

Karl, Anja Felicitas; Schilling, Robert; Bloem, Roderick; Mangard, Stefan

doi:10.1007/978-3-030-11245-5_9

Cited by 3 publications

(1 citation statement)

References 25 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Side-channel attacks are capable of breaking secrecy via side-channel information such as power consumption [74,79], execution time [108], faults [70,102], acoustic [57] and cache [65], posing a growing threat to implementations of cryptographic algorithms. In this work, we focus on power side-channel attacks, arguably the most effective physical side-channel attack [69], where power consumption data are used as the side-channel information.…”

Section: Introductionmentioning

confidence: 99%

A Hybrid Approach to Formal Verification of Higher-Order Masked Arithmetic Programs

Gao

Xie

Song

et al. 2020

Preprint

View full text Add to dashboard Cite

Side-channel attacks, which are capable of breaking secrecy via side-channel information, pose a growing threat to the implementation of cryptographic algorithms. Masking is an effective countermeasure against side-channel attacks by removing the statistical dependence between secrecy and power consumption via randomization. However, designing efficient and effective masked implementations turns out to be an errorprone task. Current techniques for verifying whether masked programs are secure are limited in their applicability and accuracy, especially when they are applied. To bridge this gap, in this article, we first propose a sound type system, equipped with an efficient type inference algorithm, for verifying masked arithmetic programs against higher-order attacks. We then give novel model-counting based and pattern-matching based methods which are able to precisely determine whether the potential leaky observable sets detected by the type system are genuine or simply spurious. We evaluate our approach on various implementations of arithmetic cryptographic programs. The experiments confirm that our approach outperforms the state-of-the-art baselines in terms of applicability, accuracy and efficiency.CCS Concepts: • Software and its engineering → Software verification; • Security and privacy → Logic and verification; Side-channel analysis and countermeasures.

show abstract

Section: Introductionmentioning

confidence: 99%

A Hybrid Approach to Formal Verification of Higher-Order Masked Arithmetic Programs

Gao

Xie

Song

et al. 2020

Preprint

View full text Add to dashboard Cite

show abstract

Placement of Runtime Checks to Counteract Fault Injections

Maderbacher

Karl

Bloem

2020

Runtime Verification

View full text Add to dashboard Cite

A Hybrid Approach to Formal Verification of Higher-Order Masked Arithmetic Programs

Gao

Xie

Song

et al. 2021

ACM Trans. Softw. Eng. Methodol.

View full text Add to dashboard Cite

Side-channel attacks, which are capable of breaking secrecy via side-channel information, pose a growing threat to the implementation of cryptographic algorithms. Masking is an effective countermeasure against side-channel attacks by removing the statistical dependence between secrecy and power consumption via randomization. However, designing efficient and effective masked implementations turns out to be an error-prone task. Current techniques for verifying whether masked programs are secure are limited in their applicability and accuracy, especially when they are applied. To bridge this gap, in this article, we first propose a sound type system, equipped with an efficient type inference algorithm, for verifying masked arithmetic programs against higher-order attacks. We then give novel model-counting-based and pattern-matching-based methods that are able to precisely determine whether the potential leaky observable sets detected by the type system are genuine or simply spurious. We evaluate our approach on various implementations of arithmetic cryptographic programs. The experiments confirm that our approach outperforms the state-of-the-art baselines in terms of applicability, accuracy, and efficiency.

show abstract

Small Faults Grow Up - Verification of Error Masking Robustness in Arithmetically Encoded Programs

Cited by 3 publications

References 25 publications

A Hybrid Approach to Formal Verification of Higher-Order Masked Arithmetic Programs

A Hybrid Approach to Formal Verification of Higher-Order Masked Arithmetic Programs

Placement of Runtime Checks to Counteract Fault Injections

A Hybrid Approach to Formal Verification of Higher-Order Masked Arithmetic Programs

Contact Info

Product

Resources

About