Presence of Fault Attacks Robert Schilling 1,2 , Mario Werner 1 , - - PowerPoint PPT Presentation

β–Ά
presence of fault attacks
SMART_READER_LITE
LIVE PREVIEW

Presence of Fault Attacks Robert Schilling 1,2 , Mario Werner 1 , - - PowerPoint PPT Presentation

Dec 10, 2023 358 likes β€’704 views

Securing Conditional Branches in the Presence of Fault Attacks Robert Schilling 1,2 , Mario Werner 1 , Stefan Mangard 1 1 Graz University of Technology, 2 Know-Center GmbH March 22, 2018 Overview Introduction to control-flow integrity and

slide-1
SLIDE 1

Robert Schilling1,2, Mario Werner1, Stefan Mangard1

1Graz University of Technology, 2Know-Center GmbH

March 22, 2018

Securing Conditional Branches in the Presence of Fault Attacks

slide-2
SLIDE 2
  • Introduction to control-flow integrity and data protection
  • Generic approach to protect conditional branches without

hardware extensions

  • Protected comparison algorithms based on AN-codes
  • Prototype compiler based on LLVM
  • Evaluation

Overview

March 22, 2018 Robert Schilling 2

slide-3
SLIDE 3
  • Fault attacks can modify the code and data
  • Control-flow integrity (CFI) restricts the control-flow

to valid execution traces

  • Data encoding to protect arithmetic
  • No protection for conditional branches
  • Conditional branches are critical instructions
  • Password checks, signature verification depend on

conditional branches

  • Preferred target for fault attacks

Motivation

March 22, 2018 Robert Schilling 3

PW check Continue Enter System Raise Alarm

slide-4
SLIDE 4
  • Different CFI granularities
  • Program counter dependent state 𝑇𝑗
  • Depends on the previous state
  • Depends on currently executed instruction

Introduction to Control-Flow Integrity (CFI)

March 22, 2018 Robert Schilling 4

οƒ  Instruction granularity

𝐽1 𝐽2 𝐽3 𝐽4 𝐽5 𝐽6 𝐽7 𝐽8 𝐽9

𝑇1 𝑇2 𝑇3 𝑇4 𝑇5 𝑇6 𝑇7 𝑇8 𝑇9

Conditional branches are not protected by means of CFI

slide-5
SLIDE 5
  • Arithmetic codes defined by: 𝑦𝑑= 𝐡 βˆ™ 𝑦
  • All code words are multiples of the encoding constant 𝐡
  • AN-code congruence: 0 ≑ 𝑦𝑑 𝑛𝑝𝑒 𝐡
  • Support different arithmetic operations
  • +, -, *, /
  • Closed under addition/subtraction
  • Adding two AN-code words results in another valid AN-code word
  • 𝑨𝑑 = 𝑦𝑑 + 𝑧𝑑 = 𝐡 βˆ™ 𝑦 + 𝐡 βˆ™ 𝑧 = 𝐡 βˆ™ (𝑦 + 𝑧)

A Primer to AN-Codes

March 22, 2018 Robert Schilling 5

slide-6
SLIDE 6
  • 1. First operation: Comparison
  • Takes two inputs x, y and comparison predicate P
  • Returns 1-bit signal if the comparison is true or false
  • 2. Second operation: Branch
  • Determines how to update the program counter (PC1,PC2)

What is a Conditional Branch

March 22, 2018 Robert Schilling 6

slide-7
SLIDE 7
  • CFI introduces a program counter dependent state S
  • State is different if branch is taken or not
  • Decision if the branch is taken still relies on a 1-bit signal

Conditional Branch with CFI

March 22, 2018 Robert Schilling 7

slide-8
SLIDE 8
  • Multiple attack vectors to bypass conditional branches

1. Faulting the operands 2. Faulting the comparison 3. Faulting the branch

Generic Protected Conditional Branches

March 22, 2018 Robert Schilling 8

slide-9
SLIDE 9
  • Multiple attack vectors to bypass conditional branches

1. Faulting the operands οƒ  Add redundancy to x and y (AN-codes) 2. Faulting the comparison 3. Faulting the branch

Generic Protected Conditional Branches

March 22, 2018 Robert Schilling 9

slide-10
SLIDE 10
  • Multiple attack vectors to bypass conditional branches

1. Faulting the operands οƒ  Add redundancy to x and y (AN-codes) 2. Faulting the comparison οƒ  Encoded comparison in software 3. Faulting the branch

Generic Protected Conditional Branches

March 22, 2018 Robert Schilling 10

slide-11
SLIDE 11
  • Multiple attack vectors to bypass conditional branches

1. Faulting the operands οƒ  Add redundancy to x and y (AN-codes) 2. Faulting the comparison οƒ  Encoded comparison in software 3. Faulting the branch οƒ  Link the redundant condition value with the CFI state

Generic Protected Conditional Branches

March 22, 2018 Robert Schilling 11

slide-12
SLIDE 12
  • 1. Compute the encoded compare
  • 2. Perform a standard conditional

branch

  • 3. Link the redundant condition value

with the CFI state

Example: Protected Conditional Branch

March 22, 2018 Robert Schilling 12

𝐽1 𝐽2 𝑐𝑠 π‘‘π‘π‘œπ‘’ = π‘ˆπ‘ π‘£π‘“ π‘‰π‘žπ‘’π‘π‘’π‘“(π‘‘π‘π‘œπ‘’) 𝐽6 𝐽7 π‘‰π‘žπ‘’π‘π‘’π‘“(π‘‘π‘π‘œπ‘’) 𝐽8 𝐽9

𝑇1 𝑇2 𝑇3 𝑇6

βˆ—

𝑇6 𝑇7 𝑇8

βˆ—

𝑇8 𝑇9

π‘‘π‘π‘œπ‘’ = EncCmp

𝑇4

Wrong branch and wrong condition lead to invalid CFI state

slide-13
SLIDE 13
  • Problem:
  • π‘‘π‘π‘œπ‘’π‘—π‘’π‘—π‘π‘œ ← πΉπ‘œπ‘‘π‘π‘’π‘“π‘’π·π‘π‘›π‘žπ‘π‘ π‘“ 𝑄, 𝑦𝑑, 𝑧𝑑 π‘₯π‘—π‘’β„Ž

π‘‘π‘π‘œπ‘’π‘—π‘’π‘—π‘π‘œ ∈ 𝐷1, 𝐷2 π‘π‘œπ‘’ πΌπ‘π‘›π‘›π‘—π‘œπ‘• πΈπ‘—π‘‘π‘’π‘π‘œπ‘‘π‘“ β‰₯ 𝐸

  • Find an algorithm for all comparison predicates: <, ≀, >, β‰₯, =, β‰ 
  • How to compute 𝑦𝑑< 𝑧𝑑 ?

Protected Comparisons with AN-Codes

March 22, 2018 Robert Schilling 13

slide-14
SLIDE 14
  • Step 1: Subtract 𝑦𝑑 βˆ’ 𝑧𝑑
  • 𝑦𝑑 βˆ’ 𝑧𝑑 α‰Špositve if 𝑦𝑑 β‰₯ 𝑧𝑑

negative if 𝑦𝑑 < 𝑧𝑑

  • Sign bit determines the comparison οƒ  No redundancy
  • Returns a valid AN-code word because AN-codes are closed under

subtractions

  • AN-code congruence true
  • How to map the sign bit to a redundant condition value?

Protected < Comparison with AN-Codes

March 22, 2018 Robert Schilling 14

slide-15
SLIDE 15
  • Step 2: Condition mapping
  • 𝑦𝑑 βˆ’ 𝑧𝑑 α‰Špositve if 𝑦𝑑 β‰₯ 𝑧𝑑

negative if 𝑦𝑑 < 𝑧𝑑

  • Map the difference to redundant condition values
  • Trick: Cast difference to unsigned

Protected < Comparison with AN-Codes

March 22, 2018 Robert Schilling 15

slide-16
SLIDE 16
  • Step 2: Condition mapping
  • 𝑦𝑑 βˆ’ 𝑧𝑑 α‰Špositve if 𝑦𝑑 β‰₯ 𝑧𝑑

negative if 𝑦𝑑 < 𝑧𝑑

  • AN-code congruence still true
  • 0 ≑ 𝑦𝑑 βˆ’ 𝑧𝑑 𝑣 𝑛𝑝𝑒 𝐡
  • No change for positive differences due to the cast

Protected < Comparison with AN-Codes

March 22, 2018 Robert Schilling 16

slide-17
SLIDE 17
  • Step 2: Condition mapping
  • 𝑦𝑑 βˆ’ 𝑧𝑑 α‰Špositve if 𝑦𝑑 β‰₯ 𝑧𝑑

negative if 𝑦𝑑 < 𝑧𝑑

  • (𝑦𝑑 βˆ’ 𝑧𝑑)𝑣= 232 + 𝑦𝑑 βˆ’ 𝑧𝑑
  • AN-code congruence not true anymore
  • (𝑦𝑑 βˆ’ 𝑧𝑑)𝑣 𝑛𝑝𝑒 𝐡

Protected < Comparison with AN-Codes

March 22, 2018 Robert Schilling 17

ቐ

cancels out

= 232 𝑛𝑝𝑒 𝐡 = 232 + 𝐡 βˆ™ (𝑦 βˆ’ 𝑧) = (232+𝐡 βˆ™ 𝑦 βˆ’ 𝑧 ) 𝑛𝑝𝑒 𝐡

slide-18
SLIDE 18
  • Condition mapping
  • (𝑦𝑑 βˆ’ 𝑧𝑑)𝑣 𝑛𝑝𝑒 𝐡 α‰Š0

if 𝑦𝑑 β‰₯ 𝑧𝑑 232 𝑛𝑝𝑒 𝐡 if 𝑦𝑑 < 𝑧𝑑

  • To avoid a zero condition value add a constant 𝐷

Protected < Comparison with AN-Codes

March 22, 2018 Robert Schilling 18

slide-19
SLIDE 19
  • Condition mapping
  • (𝑦𝑑 βˆ’ 𝑧𝑑 + C)𝑣 𝑛𝑝𝑒 𝐡 α‰Š

C if 𝑦𝑑 β‰₯ 𝑧𝑑 𝐷 + 232 𝑛𝑝𝑒 𝐡 if 𝑦𝑑 < 𝑧𝑑

  • To avoid a zero condition value add a constant 𝐷
  • Final algorithm:

Protected < Comparison with AN-Codes

March 22, 2018 Robert Schilling 19

slide-20
SLIDE 20
  • Applicable to ≀, >, β‰₯ by
  • Swapping the operands of the first subtraction
  • Swapping the true and false constants
  • =/β‰  equal comparison assembled using ≀ and β‰₯

Protected Comparisons with AN-Codes

March 22, 2018 Robert Schilling 20

slide-21
SLIDE 21
  • Annotate functions using attribute protect_branches
  • Transformation operates on LLVM IR and is target independent

1. Searches conditional branches 2. Slice operands 3. Transform all dependent operations into the AN-code domain 4. Insert protected comparison algorithm

  • Backend links comparison with CFI mechanism

LLVM Compiler Prototype

March 22, 2018 Robert Schilling 21

slide-22
SLIDE 22

LLVM Compiler Prototype

March 22, 2018 Robert Schilling 22

Frontend Source Code Binary

Back End

Middle End

IR IR

IR Optimizers Instruction Selection Code Emission Instruction Scheduling

slide-23
SLIDE 23

LLVM Compiler Prototype

March 22, 2018 Robert Schilling 23

Frontend Source Code Binary

Back End

Middle End

IR IR

IR Optimizers Instruction Selection AN Coder Lower Switch Lower Select Loop Decoupler

CFI Instrumentation

Instruction Scheduling Code Emission

slide-24
SLIDE 24
  • ARMv7-M instruction set simulator
  • Software-centered CFI scheme
  • State updates via store to the memory-

mapped CFI unit

  • AN-code with 6-bit Hamming distance
  • Compare with duplication (5 times)
  • Benchmarks: integer comparison,

memcmp, bootloader

Evaluation Setting

March 22, 2018 Robert Schilling 24

CMP CMP CMP CMP CMP Error Error

slide-25
SLIDE 25

Evaluation

March 22, 2018 Robert Schilling 25

Benchmark Metric CFI abs Duplication abs + / % Prototype abs + / % integer compare Size / B Runtime / c 12 20 128 967 91 355 86 617 63 215 memcmp Size / B Runtime / c 68 1689 272 300 10210 504 276 306 8905 427 bootloader1 Size / B Runtime / c 17252 51888k 17672 2.435 51888k 0.001

slide-26
SLIDE 26

Evaluation

March 22, 2018 Robert Schilling 26

Benchmark Metric CFI abs Duplication abs + / % Prototype abs + / % integer compare Size / B Runtime / c 12 20 128 967 91 355 86 617 63 215 memcmp Size / B Runtime / c 68 1689 272 300 10210 504 276 306 8905 427 bootloader1 Size / B Runtime / c 17252 51888k 17672 2.435 51888k 0.001

slide-27
SLIDE 27

Evaluation

March 22, 2018 Robert Schilling 27

Benchmark Metric CFI abs Duplication abs + / % Prototype abs + / % integer compare Size / B Runtime / c 12 20 128 967 91 355 86 617 63 215 memcmp Size / B Runtime / c 68 1689 272 300 10210 504 276 306 8905 427 bootloader1 Size / B Runtime / c 17252 51888k 17672 2.435 51888k 0.001

slide-28
SLIDE 28

Evaluation

March 22, 2018 Robert Schilling 28

Benchmark Metric CFI abs Duplication abs + / % Prototype abs + / % integer compare Size / B Runtime / c 12 20 128 967 91 355 86 617 63 215 memcmp Size / B Runtime / c 68 1689 272 300 10210 504 276 306 8905 427 bootloader1 Size / B Runtime / c 17252 51888k 17672 2.435 51888k 0.001

slide-29
SLIDE 29

Evaluation

March 22, 2018 Robert Schilling 29

Benchmark Metric CFI abs Duplication abs + / % Prototype abs + / % integer compare Size / B Runtime / c 12 20 128 967 91 355 86 617 63 215 memcmp Size / B Runtime / c 68 1689 272 300 10210 504 276 306 8905 427 bootloader1 Size / B Runtime / c 17252 51888k 17672 2.435 51888k 0.001

slide-30
SLIDE 30

Evaluation

March 22, 2018 Robert Schilling 30

Benchmark Metric CFI abs Duplication abs + / % Prototype abs + / % integer compare Size / B Runtime / c 12 20 128 967 91 355 86 617 63 215 memcmp Size / B Runtime / c 68 1689 272 300 10210 504 276 306 8905 427 bootloader1 Size / B Runtime / c 17252 51888k 17672 2.435 51888k 0.001

1Only signature verification and all subsequent branches protected

slide-31
SLIDE 31
  • Better support for remainder operation
  • Remainder operation assembled using UDIV and MLS
  • Reduces code overhead up to 33% per comparison
  • Better hardware support for CFI
  • No software-based CFI state manipulation
  • Combined instruction for compare, branch, and state update

Performance Improvements

March 22, 2018 Robert Schilling 31

slide-32
SLIDE 32
  • Close the gap between data protection and CFI by protecting

conditional branches

  • Generic approach: Link a redundant condition with the CFI state
  • Exploit arithmetic properties of AN-codes to develop redundant

comparison algorithms

  • Prototype compiler based on LLVM

Conclusion

March 22, 2018 Robert Schilling 32

slide-33
SLIDE 33

Robert Schilling1,2, Mario Werner1, Stefan Mangard1

1Graz University of Technology, 2Know-Center GmbH

March 22, 2018

Securing Conditional Branches in the Presence of Fault Attacks