Hardware Extensions and Compiler Support for Protection Against Fault Attacks

Abstract

Software is ubiquitous in all applications of modern life. The correct execution of software is essential for the functionality and security of the underlying device. Fault attacks undermine correct software execution and therefore break the security of many devices. Attackers with physical proximity can induce faults and disrupt correct operation. Recent research results show that faults can even be induced remotely via software, bringing those attacks to even larger systems. Unfortunately, current processors do not offer considerable support in safeguarding software execution from fault attacks. In this thesis, we tackle the challenge of secure software execution in the presence of fault attacks from three perspectives. First, we look into this problem from an algorithmic and energy-efficiency point of view. We analyze a hardware accelerator for fault- and side-channel-secure cryptography. Instead of deploying redundancy-based protection against faults, we explore fresh re-keying as an algorithmic way of protection. The accelerator is deeply integrated into a multi-core System-on-Chip and provides fault-protected (authenticated) encryption with an energy budget of a few pJ/op. Then, we shift the perspective and analyze how a compiler-assisted approach can be used to protect arbitrary software against faults. We show that existing hardware primitives from the ARM instruction set architecture can be used to build a control-flow integrity (CFI) protection scheme against software- and fault-based control-flow attacks. By developing FIPAC, a basic-block-granular CFI protection scheme with full compiler support, we can protect software with different security guarantees against control-flow attacks. FIPAC is further the pillar to protect the system call interface of an operating system against faults. Eventually, we solve the challenge of unprotected conditional branches in the presence of faults, even with deployed CFI. By designing a protected comparison that is linked to the CFI scheme, we inherently provide protection for security-critical conditional branches. Finally, we investigate the protection of memory accesses in the physical and virtual memory domain against fault attacks. With reasonable hardware and runtime overheads, we protect the memory subsystem of embedded- and application-class processors against faults. These mechanisms use the help of the compiler and can be automatically applied to arbitrary software. These developments show that a compiler-assisted hardware-software co-design can lead to efficient and secure countermeasures for different performance profiles.

Publication
PhD Thesis
Robert Schilling
Security Architect

My research interests include the hardware-software codesign to protect software against fault attacks.