SCRATCHS (Side-Channel Resistant Applications Through Co-designed Hardware/Software) is a collaboration between researchers in the fields of formal methods (Celtique, Inria Rennes), security (Cidre, CentraleSupélec Rennes) and hardware design (Lab-STICC). Our goal is to co-design a RISC-V processor and a compiler toolchain to ensure by construction that a security sensitive code is immune to timing side-channel attacks while running at maximal speed. Our claim is that a co-design is essential to get end-to-end security: cooperation between the compiler and hardware is necessary to avoid time leaks due to the micro-architecture with minimal overhead.
Side-channel attacks
Side-channel attacks are attacks based on information gathered outside of the normal interaction with a system. This extra information may come from the analysis of the power consumption of the program through time, the analysis of the state of the memory cache, timing information, and so on. Typically, we consider programs that manipulate secret data (for instance, cryptographic keys). A side-channel attack on such a program would result in the recovery of the key by an attacker, through the analysis of power, time, cache, etc. In this project we focus on timing side-channels, and in particular on cache-based side channels.
Software Countermesures
In order to prevent cache-based side-channel attacks, software countermeasures exist. The constant-time programming discipline forbids memory accesses at addresses that depend on a secret, and also forbids conditional branches with conditions that depend on a secret.
The code below is a function that computes modular exponentiation, which is a primitive used in several cryptographic algorithms. In these settings, the number n
is secret (part of the key) and should not be recoverable by an attacker.
int modexp(int x, int n, int m){ // (x ^ n) mod m
int res = 1;
while (n > 0){
if (n % 2 == 0){
res = res * x;
}
n = n / 2;
x = (x * x) % m;
}
return res;
}
This code does not respect the constant-time programming discipline. Indeed, the loop condition, but overall the condition n % 2 == 0
in the body of the loop, are dependent on the secret n
. An attacker can therefore measure time and infer, for each iteration, whether the code in the conditional block was executed or not, hence, the value of each bit of the key.
Adhering to the constant-time programming discipline is tedious, error-prone, and requires careful use of compilers — or the use of careful compilers. Moreover, this induces an overhead.
Hardware Countermeasures
Cache-based side-channel attacks are often based on the fact that an attacker may somewhat manipulate the state of the cache: indeed, the state of the cache can be modified by reading or writing to the memory, and it can be partly recovered by timing memory accesses (cache hits will be fast, cache misses will be slow).
Two main types of hardware coutermeasures exist against cache-based side-channel attacks, that prevent efficient recovery of information. The address-to-cache-set mapping may be randomized: in this case, timing memory accesses will not give much information about which addresses are in cache or not. Alternatively, the cache may be partitioned into several security domains, preventing an attacker from inspecting and modifying the state of the cache belonging to another process.
Again, these approaches induce an overhead, and make the programs run slower.
A Hardware/Software Solution
We propose an other, hybrid, solution, where the software and hardware parts will communicate to mitigate side-channels only when necessary, with a smaller overhead than pure software or pure hardware solutions.