PROOFS 2021:Papers with Abstracts

Papers
Abstract. Certification through auditing allows to ensure that critical embedded systems are secure. This entails reviewing their cryptographic components and checking for dangerous execution paths. This latter task requires the use of specialized tools which allow to explore and replay executions but are also difficult to use effectively within the context of the audit, where time and knowledge of the code are limited. Fault analysis is especially tricky as the attacker may actively influence execution, rendering some common methods unusable and increasing the number of possible execution paths exponentially. In this work, we present a new method which mitigates these issues by reducing the number of fault injection points considered to only the most relevant ones relatively to some security properties. We use fast and robust static analysis to detect injection points and assert their impactfulness. A more precise dynamic/symbolic method is then employed to validate attack paths. This way the insight required to find attacks is reduced and dynamic methods can better scale to realistically sized programs. Our method is implemented into a toolchain based on Frama-C and KLEE and validated on WooKey, a case-study proposed by the National Cybersecurity Agency of France.
Abstract. Masking is a promising countermeasure against side-channel attack, and share slic- ing is its efficient software implementation that stores all the shares in a single register to exploit the parallelism of Boolean instructions. However, the security of share slicing relies on the assumption of bit-independent leakage from those instructions. Gao et al. recently discovered a violation causing a security degradation, called the bit-interaction leakage, by experimentally evaluating ARM processors. However, its causality remained open because of the blackbox inside the target processors. In this paper, we approach this problem with simulation-based side-channel leakage evaluation using a RISC-V processor. More specifically, we use Western Digital’s open-source SweRV EH1 core as a target plat- form and measure its side-channel traces by running logic simulation and counting the number of signal transitions in the synthesized ALU netlist. We successfully replicate the bit-interaction leakage from a shifter using the simulated traces. By exploiting the flexi- bility of simulation-based analysis, we positively verify Gao et al.’s hypothesis on how the shifter causes the leakage. Moreover, we discover a new bit-interaction leakage from an arithmetic adder caused by carry propagation. Finally, we discuss hardware and software countermeasures against the bit-interaction leakage.
Abstract. The existing multiple-layer candidate sieve exploits collisions to filter the candidates to achieve a much smaller space for easier key recovery, and tries to recover the key ranking at very deep candidate space. However, it leads to enormous computation yet achieves very low success probability. In this paper, we build a novel Simple Multiple-Layer Sieve (SMLS) from Correlation Power Analysis (CPA) and achieve better performance than the existing one. Furthermore, we build two combined sieves named Two-Layer Stacking Sieve (TLSS) and Full-Layer Stacking Sieve (FLSS) since same operations in serial cryptographic implementation generate similar leakage. The experimental results verify their superiority.
Abstract. Cryptographic algorithms are fundamental to security. However, it has been shown that secret information could be effectively extracted through monitoring and analyzing the cache side-channel information (i.e., hit and miss) of cryptographic implementations. To mitigate such attacks, a large number of detection-based defenses have been proposed. To the best of our knowledge, almost all of them are achieved by collecting and analyzing hardware performance counter (HPC) data. But these low-level HPC data usually lacks semantic information and is easy to be interfered, which makes it difficult to determine the attack type by analyzing the HPC information only.
Actually, the behavior of a cache attack is localized. In certain attack-related steps, the data accesses of cache memory blocks are intensive, while such behavior can be distributed sparsely among different attack steps. Based on this observation, in this paper, we pro- pose the locality-based cache side-channel attack detection method, which combines the low-level HPC running data with the high-level control flow graph (CFG) of the program to achieve locality-guided attack pattern extraction. Then we can use GNN graph clas- sification technology to learn such attack pattern and detect malicious attack programs. The experiments with a corpus of 1200 benchmarks show that our approach can achieve 99.44% accuracy and 99.47% F1-Score with a low performance overhead.
Abstract. Given that large-scale quantum computers can eventually compute discrete logarithm and integer factorization in polynomial time [44], all asymmetric cryptographic schemes will break down. Hence, replacing them becomes mandatory. For this purpose, the Na- tional Institute of Standards and Technology (NIST) initiated a standardization process for post-quantum schemes. These schemes are supposed to substitute classical cryptography in different use-cases, such as client-server authentication during the TLS handshake. How- ever, their signatures, public key sizes, and signature verification time impose difficulty, especially for resource-constrained devices. In this paper, we improve the TLS hand- shake performance relying on post-quantum signatures by combining the XMSS and the Dilithium signature schemes along the chain of certificates. We provide proof-of-concept implementation of our solution by integrating the two signature schemes in the WolfSSL library. Moreover, we evaluate the performance of our solution and establish that it re- duces the signature verification time considerably and minimizes the size of the chain of trust. We provide a security proof of the proposed chain of trust which is relies on the security of the XMSS scheme.
Abstract. Side-channel attacks aim at extracting secret keys from cryptographic devices. Ran- domly masking the implementation is a provable way to protect the secrets against this threat. Recently, various masking schemes have converged to the “code-based masking” philosophy. In code-based masking, different codes allow for different levels of side-channel security. In practice, for a given leakage function, it is important to select the code which enables the best resistance, i.e., which forces the attacker to capture and analyze the largest number of side-channel traces.
This paper is a first attempt to address the constructive selection of the optimal codes in the context of side-channel countermeasures, in particular for code-based masking when the device leaks information in the Hamming weight leakage model. We show that the problem is related to the weight enumeration of the extended dual of the masking code. We first present mathematical tools to study those weight enumeration polynomials, and then provide an efficient method to search for good codes, based on a lexicographic sorting of the weight enumeration polynomial from lowest to highest degrees.