International Association for Cryptologic Research

International Association
for Cryptologic Research

Transactions on Cryptographic Hardware and Embedded Systems, Volume 2023

PROLEAD_SW:

Probing-Based Software Leakage Detection for ARM Binaries


Jannik Zeitschner
Ruhr University Bochum, Horst Görtz Institute for IT Security, Bochum, Germany

Nicolai Müller
Ruhr University Bochum, Horst Görtz Institute for IT Security, Bochum, Germany

Amir Moradi
Ruhr University Bochum, Horst Görtz Institute for IT Security, Bochum, Germany


Keywords: Side-Channel Analysis, Leakage Detection, Software, Masking


Abstract

A decisive contribution to the all-embracing protection of cryptographic software, especially on embedded devices, is the protection against Side-Channel Analysis (SCA) attacks. Masking countermeasures can usually be integrated into the software during the design phase. In theory, this should provide reliable protection against such physical attacks. However, the correct application of masking is a non-trivial task that often causes even experts to make mistakes. In addition to human-caused errors, micro-architectural Central Processing Unit (CPU) effects can lead even a seemingly theoretically correct implementation to fail to satisfy the desired level of security in practice. This originates from different components of< the underlying CPU which complicates the tracing of leakage back to a particular source and hence avoids making general and device-independent statements about its security.
PROLEAD has recently been presented at CHES 2022 and has originally been developed as a simulation-based tool to evaluate masked hardware designs. In this work, we adapt PROLEAD for the evaluation of masked software, and enable the transfer of the already known benefits of PROLEAD into the software world. These include (1) evaluation of larger designs compared to the state of the art, e.g. a full Advanced Encryption Standard (AES) masked implementation, and (2) formal verification under our new generic leakage model for CPUs. Concretely, we formalize leakages, observed across different CPU architectures, into a generic abstraction model that includes all these leakages and is therefore independent of a specific CPU design. Our resulting tool PROLEAD_SW allows to provide a formal statement on the security based on the derived generic model. As a concrete result, using PROLEAD_SW we evaluated the security of several publicly available masked software implementations in our new generic leakage model and reveal multiple vulnerabilities.

Publication

Transactions of Cryptographic Hardware and Embedded Systems, Volume 2023, Issue 3

Paper

Artifact

Artifact number
tches/2023/a17

Artifact published
June 21, 2024

README

ZIP (11MB)  

View on Github

License


BibTeX How to cite

Zeitschner, J., Müller, N., & Moradi, A. (2023). PROLEAD_SW: Probing-Based Software Leakage Detection for ARM Binaries. IACR Transactions on Cryptographic Hardware and Embedded Systems, 2023(3), 391–421. Artifact at https://artifacts.iacr.org/tches/2023/a17.