fault channel watermarks
play

Fault-Channel Watermarks Peter Samarin 1 , 2 , Alexander Skripnik 1 , - PowerPoint PPT Presentation

Aug 22, 2023 •160 likes •310 views

Fault-Channel Watermarks Peter Samarin 1 , 2 , Alexander Skripnik 1 , and Kerstin Lemke-Rust 1 Bonn-Rhein-Sieg University of Applied Sciences 1 Ruhr-Universitt Bochum 2 Germany 27 September 2016 Bonn-Rhein-Sieg University of Applied Sciences

  1. Fault-Channel Watermarks Peter Samarin 1 , 2 , Alexander Skripnik 1 , and Kerstin Lemke-Rust 1 Bonn-Rhein-Sieg University of Applied Sciences 1 Ruhr-Universität Bochum 2 Germany 27 September 2016 Bonn-Rhein-Sieg University of Applied Sciences

  2. Software Plagiarism in Embedded Systems ◮ A product comes to the market with the same capabilities ◮ Does the system contain our intellectual property? ? µC ◮ Adversary takes our binary ◮ Effective read-out protection ◮ Comparison of code binaries not possible ◮ Our solution : compare fault channel leakage of the two implementations Peter Samarin, Alexander Skripnik, Kerstin Lemke-Rust Fault-Channel Watermarks 1 / 13

  3. Our Approach: Use the Fault Side Channel program start program end Fault injections 1. Profile fault channel leakage ◮ A fault scan of the entire implementation ◮ Try inducing a fault in each clock cycle ◮ Observe the output and convert into a string ◮ 0: output as expected—no fault has occurred ◮ 1: output wrong—fault has occurred ◮ 2: program crash ◮ Assumption: We should be able to distinguish faulty outputs from non-faulty outputs 2. Compare two profiles and make a decision ◮ Normalized edit distance to compare two strings -> No need to insert a watermark—the fault channel leakage serves as the code’s own watermark Peter Samarin, Alexander Skripnik, Kerstin Lemke-Rust Fault-Channel Watermarks 2 / 13

  4. Edit Distance Between Two Strings ◮ What is the cost of transforming s 1 into s 2 ? ◮ insert (cost 1) ◮ delete (cost 1) ◮ substitute (cost 1) A t e B s t C t e s t A B C 0 1 2 3 4 5 6 7 0 1 2 3 4 5 6 7 t 1 1 2 3 4 5 6 t 1 1 2 3 4 5 6 1 0 e 2 2 2 1 2 3 4 5 e 2 1 0 1 2 3 4 5 s 3 3 3 2 2 2 3 4 s 3 2 1 0 1 2 3 4 t 4 4 3 3 3 3 2 3 t 4 3 2 1 0 1 2 3 ◮ d e ( "test","AteBstC" ) = 3 (normalized 0.4286) ◮ d e ( "test","testABC" ) = 3 (normalized 0.4286) Peter Samarin, Alexander Skripnik, Kerstin Lemke-Rust Fault-Channel Watermarks 3 / 13

  5. Our Setup ◮ GIAnT (Generic Implementation ANalysis Toolkit) board to induce power glitches ◮ Smartcard with an ATmega163 microcontroller running at 2MHz Peter Samarin, Alexander Skripnik, Kerstin Lemke-Rust Fault-Channel Watermarks 4 / 13

  6. Fault Injection with the GIAnT Board 3.5 3 Power supply (V) 2.5 2 1.5 1 0.5 0 -0.5 -1 0 200 400 600 800 1000 1200 1400 Time (ns) ◮ Injection offset ◮ Injection pulse width Peter Samarin, Alexander Skripnik, Kerstin Lemke-Rust Fault-Channel Watermarks 5 / 13

  7. 10 Fault Scans of an AES 128 Implementation 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 2 LD R22,Y+14[43] 2 LD R23,Y+15[b4] EOR R20[21],R16[71] ; 50 1 EOR R21[46],R17[78] ; 3e 1 EOR R22[43],R18[34] ; 77 1 1 EOR R23[b4],R19[9f] ; 2b 2325 2 ST Y+12[74],R20 ; 50 2 ST Y+13[74],R21 ; 3e O ff set(µs) ST Y+14[74],R22 ; 77 2 ST Y+15[74],R23 ; 2b 2 4 RET 2330 RCALL keyaddition 3 2 LD R16,Y+0[40] ;; keyaddition 1 EOR R0[a7],R16[40] ; e7 LD R16,Y+1[36] 2 1 EOR R1[15],R16[36] ; 23 Data output errors Program crashes No errors Peter Samarin, Alexander Skripnik, Kerstin Lemke-Rust Fault-Channel Watermarks 6 / 13

  8. Fault Sensitivity of Instructions RCALL-3 [40] LD-2 [408] 1 1 0.8 0.8 0.6 0.6 0.4 0.4 0.2 0.2 0 0 -200 -100 0 100 200 300 400 500 600 700 800 900 1000 1100 1200 -200 -100 0 100 200 300 400 500 600 700 RET-4 [40] ST-2 [192] 1 1 0.8 0.8 0.6 0.6 0.4 0.4 0.2 0.2 0 0 -200 -100 0 100 200 300 400 500 600 700 800 900 1000 1100 1200 1300 1400 1500 1600 1700 -200 -100 0 100 200 300 400 500 600 700 PUSH-2 [20] LDS-2 [344] 1 1 0.8 0.8 0.6 0.6 0.4 0.4 0.2 0.2 0 0 -200 -100 0 100 200 300 400 500 600 700 -200 -100 0 100 200 300 400 500 600 700 POP-2 [20] STS-2 [344] 1 1 0.8 0.8 0.6 0.6 0.4 0.4 0.2 0.2 0 0 -200 -100 0 100 200 300 400 500 600 700 -200 -100 0 100 200 300 400 500 600 700 Peter Samarin, Alexander Skripnik, Kerstin Lemke-Rust Fault-Channel Watermarks 7 / 13

  9. Test Applications and Experiments Overview Implementation AES0 AES1 AES1 AES1 AES2 AES2 AES2 v0 v1 v2 v0 v1 v2 Language assembly assembly assembly assembly C C C Optimization - - - - -O3 -O3 -O2 Compiler version - - - - 4.8.4 4.3.3 4.3.3 N. of clock cycles 5705 4480 4480 5569 12010 12006 21980 N. of instructions 15 28 28 32 38 32 38 Inj. step size 100 ns 100 ns 500 ns 500 ns 500 ns 500 ns 500 ns Inj. pulse width 500 ns 500 ns 500 ns 500 ns 500 ns 500 ns 500 ns N. of scans 10 10 5 5 10 10 10 All key bytes 0x0a 0x0a random 0x0a 0x0a 0x0a 0x0a All plaintext bytes 0x09 0x09 random 0x09 0x09 0x09 0x09 ◮ Experiments ◮ Repeatability ◮ Multiple traces—using a majority string ◮ Comparing the same implementations ◮ Comparing different implementations ◮ Comparing modified versions of the same implementation Peter Samarin, Alexander Skripnik, Kerstin Lemke-Rust Fault-Channel Watermarks 8 / 13

  10. Experiments: Repeatability and Majority String ◮ Repeatability ◮ AES0 (28550 FIs): d e ( S i , S j ) ≈ 62 . 8 ± 6 . 1 ◮ AES1-v-0 (22500 FIs): d e ( S i , S j ) ≈ 41 . 6 ± 5 . 3 ◮ Majority string Impl. No. fault injections d e ( S i , S j ) d e ( S i , S ) AES0 28550 62.8 ± 6.1 38.0 ± 6.4 AES1-v-0 22500 41.6 ± 5.3 26.7 ± 4.5 Peter Samarin, Alexander Skripnik, Kerstin Lemke-Rust Fault-Channel Watermarks 9 / 13

  11. Experiments: Cross-Comparison 1 Normalized edit distance 0.8 0.6 0.4 0.2 0 AES0 AES1-v-0 AES1-v-1 AES1-v-2 AES2-v-0 AES2-v-1 AES2-v-2 AES0 AES1-v-0 AES1-v-1 AES1-v-2 AES2-v-0 AES2-v-1 AES2-v-2 AES0 0.0032 0.3537 0.3502 0.3506 0.5281 0.5342 0.7404 AES1-v-0 0.3537 0.0015 0.1116 0.2623 0.6272 0.6307 0.7954 AES1-v-1 0.3502 0.1116 0.0441 0.2972 0.6269 0.6309 0.7954 AES1-v-2 0.3506 0.2623 0.2972 0.0288 0.5529 0.5617 0.7454 AES2-v-0 0.5281 0.6272 0.6269 0.5529 0.0131 0.3389 0.4815 AES2-v-1 0.5342 0.6307 0.6309 0.5617 0.3389 0.0462 0.4738 AES2-v-2 0.7404 0.7954 0.7954 0.7454 0.4815 0.4738 0.0169 Peter Samarin, Alexander Skripnik, Kerstin Lemke-Rust Fault-Channel Watermarks 10 / 13

  12. Related Work ◮ (Becker et al. 2011) ◮ Embed watermarks detectable in the side channel ◮ Use power consumption ◮ Applicable to hardware and software ◮ (Durvaux et al. 2012) ◮ Use power consumption as its own watermark ◮ Applicable to hardware and software ◮ (Strobel et al. 2015) ◮ Side channel disassembler ◮ Use electromagnetic emanation ◮ Detect individual instructions ◮ Applicable to software Peter Samarin, Alexander Skripnik, Kerstin Lemke-Rust Fault-Channel Watermarks 11 / 13

  13. Summary ◮ Method to detect plagiarized assembly code ◮ Perform fault scans of the entire implementations ◮ Compare the fault scans using normalized edit distance ◮ Future Work ◮ Global and local matching to find subparts of similar code ◮ Application to hardware (FPGAs) Peter Samarin, Alexander Skripnik, Kerstin Lemke-Rust Fault-Channel Watermarks 12 / 13

  14. Thanks for listening Any questions? Peter Samarin, Alexander Skripnik, Kerstin Lemke-Rust Fault-Channel Watermarks 13 / 13

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Fragile watermarks for LZ- -77 77 Fragile watermarks for LZ Stefano Lonardi Stefano Lonardi

Fragile watermarks for LZ- -77 77 Fragile watermarks for LZ Stefano Lonardi Stefano Lonardi

Stefano Lonardi March, 2000 Fragile watermarks for LZ- -77 77 Fragile watermarks for LZ Stefano Lonardi Stefano Lonardi U niver s it y of Cal if or nia, R iver s ide U niver s it y of Cal if or nia, R iver s ide joint work with M. M.

804 views • 25 slides
Automatic Synthesis of Fault Attack Resistant Cipher Implementations Chester Rebeiro IIT Madras

Automatic Synthesis of Fault Attack Resistant Cipher Implementations Chester Rebeiro IIT Madras

Automatic Synthesis of Fault Attack Resistant Cipher Implementations Chester Rebeiro IIT Madras Side Channel Analysis Electro magnetic Radiation Fault injection Power consumption Timing channels Preventing Side Channel Attacks is

468 views • 34 slides
PHYSICAL FUNCTIONS : THE COMMON FACTOR OF SIDE-CHANNEL AND FAULT ATTACKS ? Proofs 2014, Busan,

PHYSICAL FUNCTIONS : THE COMMON FACTOR OF SIDE-CHANNEL AND FAULT ATTACKS ? Proofs 2014, Busan,

PHYSICAL FUNCTIONS : THE COMMON FACTOR OF SIDE-CHANNEL AND FAULT ATTACKS ? Proofs 2014, Busan, Korea Bruno Robisson, Hlne Le Bouder Secure Architecture and Systems Laboratory Joint team between CEA and Ecole des Mines de Saint-Etienne

883 views • 28 slides
Fresh Re-Keying: Security against Side-Channel and Fault Attacks for Low-Cost Devices Marcel

Fresh Re-Keying: Security against Side-Channel and Fault Attacks for Low-Cost Devices Marcel

VLSI Institute for Applied Information Processing and Communications (IAIK) VLSI & Security Fresh Re-Keying: Security against Side-Channel and Fault Attacks for Low-Cost Devices Marcel Medwed Franois-Xavier Standaert Johann

814 views • 28 slides
Side-Channel & Fault Attacks Ruggero Susella System Research & Applications Security

Side-Channel & Fault Attacks Ruggero Susella System Research & Applications Security

Side-Channel & Fault Attacks Ruggero Susella System Research & Applications Security Rodmap STMicroelectronics 2018/12/06 2 ST Who are we ? STMicroelectronics 3 A global semiconductor leader 2017 revenues of $8.35B

1.32k views • 107 slides
channel and fault attacks Jasper van Woudenberg @jzvw January 10, 2019 1 Our vision

channel and fault attacks Jasper van Woudenberg @jzvw January 10, 2019 1 Our vision

Practicing the art and science of side channel and fault attacks Jasper van Woudenberg @jzvw January 10, 2019 1 Our vision certificate recommendations countermeasures 2 Where we are today Science Art Bit of both certificate 2 weeks

998 views • 41 slides
Lecture 10: Fault Tolerance Fault Tolerant Concurrent Computing The main principles of fault

Lecture 10: Fault Tolerance Fault Tolerant Concurrent Computing The main principles of fault

Lecture 10: Fault Tolerance Fault Tolerant Concurrent Computing The main principles of fault tolerant programming are: Fault Detection - Knowing that a fault exists Fault Recovery - having atomic instructions that can be rolled back in

361 views • 18 slides
CHANNEL ALLOCATION Channel Language Translation Channel Translation Language Channel 1 German

CHANNEL ALLOCATION Channel Language Translation Channel Translation Language Channel 1 German

CHANNEL ALLOCATION Channel Language Translation Channel Translation Language Channel 1 German Kanal 1 Deutsch Channel 2 English Channel 2 English Channel 3 Italian Canale 3 Italiano Channel 4 Spanish Canal 4 Espaol Channel 5

708 views • 34 slides
Towards Selective Addressing of Aircraft with Voice Radio Watermarks Horst Hering, Konrad

Towards Selective Addressing of Aircraft with Voice Radio Watermarks Horst Hering, Konrad

Long Term Investigations, EEC Towards Selective Addressing of Aircraft with Voice Radio Watermarks Horst Hering, Konrad Hofbauer EUROCONTROL Experimental Centre (EEC), Bretigny, France 1 European Organisation for the Safety of Air

249 views • 23 slides
Channel design Channel coverage Intensive Selective Exclusive Channel

Channel design Channel coverage Intensive Selective Exclusive Channel

PLANNING A B2B MARKETING CHANNEL STRATEGY Channel design Channel coverage Intensive Selective Exclusive Channel management decisions Selecting suitable channel partners Managing and motivating channel partners

560 views • 29 slides
Digital Watermarking Presented by Melinos Averkiou History 1282 Paper Watermarks 1779

Digital Watermarking Presented by Melinos Averkiou History 1282 Paper Watermarks 1779

Digital Watermarking Presented by Melinos Averkiou History 1282 Paper Watermarks 1779 Counterfeiting 1954 Watermarking music 1988 First use of the term Digital Watermark End of 1990s large interest in

725 views • 31 slides
Channel Assignment and Channel Hopping in IEEE 802.11 Operating Channels for 802.11b Europe

Channel Assignment and Channel Hopping in IEEE 802.11 Operating Channels for 802.11b Europe

Channel Assignment and Channel Hopping in IEEE 802.11 Operating Channels for 802.11b Europe (ETSI) channel 1 channel 7 channel 13 2400 2412 2442 2472 2483.5 [MHz] 22 MHz US (FCC)/Canada (IC) channel 1 channel 6 channel 11 2400

572 views • 44 slides
1 Simultaneous interpretation EN channel 1 FR channel 2 ES channel 3 DE channel 4 2 The Future

1 Simultaneous interpretation EN channel 1 FR channel 2 ES channel 3 DE channel 4 2 The Future

EUROPEAN AFFAIRS COMMITTEE The Future of Health in the European Union Brussels, November 15th, 2018 #AIM20yearsBxl #FutureHealthEU 1 Simultaneous interpretation EN channel 1 FR channel 2 ES channel 3 DE channel 4 2 The Future of Health in

299 views • 9 slides
The Temperature Side Channel and Heating Fault Attacks Michael Hutter and J orn-Marc Schmidt

The Temperature Side Channel and Heating Fault Attacks Michael Hutter and J orn-Marc Schmidt

Introduction SCA Faults Remanence Conclusions 1 / 24 The Temperature Side Channel and Heating Fault Attacks Michael Hutter and J orn-Marc Schmidt Michael Hutter and J orn-Marc Schmidt CARDIS 2013, November 27-29, 2013 Introduction

687 views • 24 slides
PERSISTENT AND UNFORGEABLE WATERMARKS FOR DEEP NEURAL NETWORKS Huiying Li, Emily Willson, Heather

PERSISTENT AND UNFORGEABLE WATERMARKS FOR DEEP NEURAL NETWORKS Huiying Li, Emily Willson, Heather

DNNS ARE INCREASINGLY POPULAR PERSISTENT AND UNFORGEABLE WATERMARKS FOR DEEP NEURAL NETWORKS Huiying Li, Emily Willson, Heather Zheng, Ben Y. Zhao Hey Siri Oct 30, 2019 1 2 DEEP NEURAL NETWORK (DNN) DNNS ARE HARD TO TRAIN A machine

115 views • 9 slides
ANNUAL ACCOUNTS PRESS CONFERENCE CHANNEL ALLOCATION. Channel Language Translation Channel

ANNUAL ACCOUNTS PRESS CONFERENCE CHANNEL ALLOCATION. Channel Language Translation Channel

ANNUAL ACCOUNTS PRESS CONFERENCE CHANNEL ALLOCATION. Channel Language Translation Channel Translation Language Channel 1 German Channel 1 Deutsch Channel 2 English Channel 2 English Channel 3 French Canal 3 Franais Channel 4

868 views • 84 slides
Detecting Similar Code Segments through Side Channel Leakage in Microcontrollers Peter Samarin 1 ,

Detecting Similar Code Segments through Side Channel Leakage in Microcontrollers Peter Samarin 1 ,

Detecting Similar Code Segments through Side Channel Leakage in Microcontrollers Peter Samarin 1 , 2 and Kerstin Lemke-Rust 1 Bonn-Rhein-Sieg University of Applied Sciences 1 Ruhr-Universitt Bochum 2 Germany November 29, 2017 Bonn-Rhein-Sieg

464 views • 33 slides
Binary Program Analysis: Theory and Practice (what you code is not what you execute) Emmanuel

Binary Program Analysis: Theory and Practice (what you code is not what you execute) Emmanuel

Binary Program Analysis: Theory and Practice (what you code is not what you execute) Emmanuel Fleury <emmanuel.fleury@labri.fr> Joint work with: Grald Point <gerald.point@labri.fr> , Aymeric Vincent <aymeric.vincent@labri.fr>

924 views • 91 slides
MEDIA SKILLS WORKSHOP SECTION 1: MEDIA INTRODUCTION OVERVIEW: SECTION 1 Tactics: Bridging,

MEDIA SKILLS WORKSHOP SECTION 1: MEDIA INTRODUCTION OVERVIEW: SECTION 1 Tactics: Bridging,

CIGI MEDIA SKILLS WORKSHOP SECTION 1: MEDIA INTRODUCTION OVERVIEW: SECTION 1 Tactics: Bridging, Hooking, Flagging, Touch and Go Ten tips DOs and DONTs General Interview Tips - Before, During, and After Final Thoughts THE

733 views • 57 slides
elausys.be ELECTRONIC & AUTOMATION SYSTEMS Products Universal KNX Actuator System Switching

elausys.be ELECTRONIC & AUTOMATION SYSTEMS Products Universal KNX Actuator System Switching

KNX MANUFACTURER Made in Belgium elausys.be ELECTRONIC & AUTOMATION SYSTEMS Products Universal KNX Actuator System Switching | Shutter | Blind Control Products Universal KNX Actuator System Modular & Extensible Rich Features

359 views • 13 slides
Mapping the Dutch Critical Infrastructure Razvan C. Oprea Fahime Alizade Supervised by Benno

Mapping the Dutch Critical Infrastructure Razvan C. Oprea Fahime Alizade Supervised by Benno

Mapping the Dutch Critical Infrastructure Razvan C. Oprea Fahime Alizade Supervised by Benno Overeinder Wednesday, July 3, 13 The initial question Critical infrastructure sectors What is the network level representation of the critical

392 views • 24 slides
Mathematical Discourse Math Department Objectives Participants will: Understand what

Mathematical Discourse Math Department Objectives Participants will: Understand what

Mathematical Discourse Math Department Objectives Participants will: Understand what mathematical discourse is. Understand how to incorporate mathematical discourse in daily lessons. What Questions Did You Ask Today? Lets go to

276 views • 13 slides
Quality of Discourse: An Advocates perspective Milkah Kihunah, CARE USA Presentation at the

Quality of Discourse: An Advocates perspective Milkah Kihunah, CARE USA Presentation at the

A pilot project measuring the Quality of Discourse: An Advocates perspective Milkah Kihunah, CARE USA Presentation at the American Evaluation Association Conference, Nov 11 2015 OUTLINE What? Policy and Advocacy context Why?

479 views • 11 slides
UNDERSTANDING LANGUAGE/ STANFORD CENTER FOR ASSESSMENT, LEARNING, AND EQUITY Stanford University

UNDERSTANDING LANGUAGE/ STANFORD CENTER FOR ASSESSMENT, LEARNING, AND EQUITY Stanford University

Understanding Language/ SCALE Stanford Graduate School of Education UNDERSTANDING LANGUAGE/ STANFORD CENTER FOR ASSESSMENT, LEARNING, AND EQUITY Stanford University Graduate School of Education Principles for the Design of Mathematics

507 views • 21 slides

More recommend