SLEAK: A Side-Channel Leakage Evaluator and Analysis Kit
Abstract
Side-channel attacks (SCA) present a major threat to secure embedded systems. Effective software countermeasures against SCA are well known in theory, but in practice are difficult to implement properly due to issues such as unexpected compiler transformations and/or platform-specific leakage sources. Although several recent examples from industry and academia show that SCA is becoming increasingly simple and inexpensive to perform as an attacker, evaluating the security of a system against SCA can still be expensive and time-consuming. Furthermore, most evaluation techniques must be performed near the end of the development schedule which adds significant risk. In this paper, we present a new technique for testing software for SCA vulnerabilities in a fast, inexpensive, and automated manner. This testing could be applied to evaluate software-based SCA countermeasures even without access to source code, as may be the case with proprietary software libraries that are delivered pre-built, and without the use of side-channel collection equipment. Our implementation of the SLEAK tool demonstrates the efficacy of this technique by detecting vulnerabilities in an AES implementation that utilizes a masking countermeasure. We discuss the advantages and limitations of our technique and we conclude that it can be used to detect and understand the sources of many common SCA vulnerabilities early in the development schedule.
Document Details
- Document Type
- Technical Report
- Publication Date
- Jan 01, 2014
- Accession Number
- AD1107774
Entities
People
- Andrew Hagen
- Dan Walters
- Eric Kedaigle
Organizations
- MITRE Corporation