Related papers: Code Polymorphism Meets Code Encryption: Confidentiality and Side-Channel Protection of Software Components

Code Polymorphism Meets Code Encryption: Confidentiality and Side-Channel Protection of Software Components

URL: http://arxiv.org/abs/2310.07327v1
Date: Wed, 11 Oct 2023 09:16:10 GMT
Title: Code Polymorphism Meets Code Encryption: Confidentiality and Side-Channel Protection of Software Components
Authors: Lionel Morel, Damien Couroussé, Thomas Hiscock,
Abstract summary: PolEn is a toolchain and a processor architecturethat combine countermeasures in order to provide an effective mitigation of side-channel attacks. Code encryption is supported by a processor extension such that machineinstructions are only decrypted inside the CPU. Code polymorphism is implemented by software means. It regularly changes the observablebehaviour of the program, making it unpredictable for an attacker.
Score: 0.0
License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
Abstract: In this paper, we consider that, in practice, attack scenarios involving side-channel analysis combine two successive phases:an analysis phase, targeting the extraction of information about the target and the identification of possible vulnerabilities;and an exploitation phase, applying attack techniques on candidate vulnerabilities. We advocate that protections need to coverthese two phases in order to be effective against real-life attacks. We present PolEn, a toolchain and a processor architecturethat combine countermeasures in order to provide an effective mitigation of side-channel attacks: as a countermeasure againstthe analysis phase, our approach considers the use of code encryption; as a countermeasure against the exploitation phase,our approach considers the use of code polymorphism, because it relies on runtime code generation, and its combinationwith code encryption is particularly challenging. Code encryption is supported by a processor extension such that machineinstructions are only decrypted inside the CPU, which effectively prevents reverse engineering or any extraction of usefulinformation from memory dumps. Code polymorphism is implemented by software means. It regularly changes the observablebehaviour of the program, making it unpredictable for an attacker, hence reducing the possibility to exploit side-channelleakages. We present a prototype implementation, based on the RISC-V Spike simulator and a modified LLVM toolchain. Inour experimental evaluation, we illustrate that PolEn effectively reduces side-channel leakages. For the protected functionsevaluated, static memory use increases by a factor of 5 to 22, corresponding to the joint application of code encryption andcode polymorphism. The overhead, in terms of execution time, ranges between a factor of 1.8 and 4.6.

Related papers

HexaCoder: Secure Code Generation via Oracle-Guided Synthetic Training Data [60.75578581719921]
Large language models (LLMs) have shown great potential for automatic code generation. Recent studies highlight that many LLM-generated code contains serious security vulnerabilities. We introduce HexaCoder, a novel approach to enhance the ability of LLMs to generate secure codes.
arXiv Detail & Related papers (2024-09-10T12:01:43Z)
Providing High-Performance Execution with a Sequential Contract for Cryptographic Programs [3.34371579019566]
Constant-time programming is a widely deployed approach to harden cryptographic programs against side channel attacks. Modern processors violate the underlying assumptions of constant-time policies by speculatively executing unintended paths of the program. We propose Cassandra, a novel hardware-software mechanism to protect constant-time cryptographic code against speculative control flow based attacks.
arXiv Detail & Related papers (2024-06-06T17:34:48Z)
RTL Interconnect Obfuscation By Polymorphic Switch Boxes For Secure Hardware Generation [0.0]
We present an interconnect obfuscation scheme at the Register-Transfer Level (RTL) using Switch Boxes (SBs) constructed of Polymorphic Transistors. A polymorphic SB can be designed using the same transistor count as its Complementary-Metal-Oxide-Semiconductor based counterpart.
arXiv Detail & Related papers (2024-04-11T01:42:01Z)
CodeChameleon: Personalized Encryption Framework for Jailbreaking Large Language Models [49.60006012946767]
We propose CodeChameleon, a novel jailbreak framework based on personalized encryption tactics. We conduct extensive experiments on 7 Large Language Models, achieving state-of-the-art average Attack Success Rate (ASR) Remarkably, our method achieves an 86.6% ASR on GPT-4-1106.
arXiv Detail & Related papers (2024-02-26T16:35:59Z)
SOCI^+: An Enhanced Toolkit for Secure OutsourcedComputation on Integers [50.608828039206365]
We propose SOCI+ which significantly improves the performance of SOCI. SOCI+ employs a novel (2, 2)-threshold Paillier cryptosystem with fast encryption and decryption as its cryptographic primitive. Compared with SOCI, our experimental evaluation shows that SOCI+ is up to 5.4 times more efficient in computation and 40% less in communication overhead.
arXiv Detail & Related papers (2023-09-27T05:19:32Z)
Citadel: Real-World Hardware-Software Contracts for Secure Enclaves Through Microarchitectural Isolation and Controlled Speculation [8.414722884952525]
Hardware isolation primitives such as secure enclaves aim to protect programs, but remain vulnerable to transient execution attacks. This paper advocates for processors to incorporate microarchitectural isolation primitives and mechanisms for controlled speculation. We introduce two mechanisms to securely share memory between an enclave and an untrusted OS in an out-of-order processor.
arXiv Detail & Related papers (2023-06-26T17:51:23Z)
Generalized Power Attacks against Crypto Hardware using Long-Range Deep Learning [6.409047279789011]
GPAM is a deep-learning system for power side-channel analysis. It generalizes across multiple cryptographic algorithms, implementations, and side-channel countermeasures. We demonstrate GPAM's capability by successfully attacking four hardened hardware-accelerated elliptic-curve digital-signature implementations.
arXiv Detail & Related papers (2023-06-12T17:16:26Z)
Versatile Weight Attack via Flipping Limited Bits [68.45224286690932]
We study a novel attack paradigm, which modifies model parameters in the deployment stage. Considering the effectiveness and stealthiness goals, we provide a general formulation to perform the bit-flip based weight attack. We present two cases of the general formulation with different malicious purposes, i.e., single sample attack (SSA) and triggered samples attack (TSA)
arXiv Detail & Related papers (2022-07-25T03:24:58Z)
Is Vertical Logistic Regression Privacy-Preserving? A Comprehensive Privacy Analysis and Beyond [57.10914865054868]
We consider vertical logistic regression (VLR) trained with mini-batch descent gradient. We provide a comprehensive and rigorous privacy analysis of VLR in a class of open-source Federated Learning frameworks.
arXiv Detail & Related papers (2022-07-19T05:47:30Z)
Securing Optimized Code Against Power Side Channels [1.589424114251205]
Security engineers often sacrifice code efficiency by turning off compiler optimization and/or performing local, post-compilation transformations. This paper proposes SecConCG, a constraint-based compiler approach that generates optimized yet secure code.
arXiv Detail & Related papers (2022-07-06T12:06:28Z)
Adversarial EXEmples: A Survey and Experimental Evaluation of Practical Attacks on Machine Learning for Windows Malware Detection [67.53296659361598]
adversarial EXEmples can bypass machine learning-based detection by perturbing relatively few input bytes. We develop a unifying framework that does not only encompass and generalize previous attacks against machine-learning models, but also includes three novel attacks. These attacks, named Full DOS, Extend and Shift, inject the adversarial payload by respectively manipulating the DOS header, extending it, and shifting the content of the first section.
arXiv Detail & Related papers (2020-08-17T07:16:57Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.