Presentation is loading. Please wait.

Presentation is loading. Please wait.

High-Level Synthesis for Side-Channel Defense

Published byEsmond Bell Modified over 5 years ago

Similar presentations

Presentation on theme: "High-Level Synthesis for Side-Channel Defense"— Presentation transcript:

1 High-Level Synthesis for Side-Channel Defense
S. T. Choden Konigsmark, Deming Chen, Martin D. F. Wong University of Illinois at Urbana-Champaign July 10, 2017 ECE Main Slide

2 Introduction Internet of Things (IoT) introduces opportunities but also many challenges Highly resource constrained, security critical applications Security improvements need to be flexible and targeted Hardware implementations leak information Can be exploited through side-channel attacks Presence or absence of operations in power trace (SPA) Dynamic power consumption depends on many factors, e.g. capacitances, switching bits, etc. (DPA) Low-level techniques attempt to achieve input-independent power drain, resource intensive

3 Background Techniques to reduce information leakage Attack goal:
Dynamic differential logic (DDL) Wave dynamic differential logic (WDDL) creates standard building blocks to improve power consumption consistency Methods can be extended, e.g. through Double WDDL (DWDDL) Attack goal: Hostile application environment (e.g. IoT) where adversary has access to device Reveal user-specified secrets through differential power analysis, using physical access and large number of power traces

4 Synthesis Flow Overview of the side-channel leakage optimized synthesis flow. The flow combines typical HLS flows (orange) with analysis (blue) and culminates in leakage minimization operations (green).

5 Synthesis Flow Initial synthesis
Consume user-provided C-code with high-level annotations describing confidential variables First, compile into LLVM IR Derive of graph of confidential operations from initial annotations Continue with RTL synthesis without countermeasures as starting point for further analysis

6 Synthesis Flow (2)

7 Branch Balancing Identify conditionals depending on confidential values Attempt automatic mitigation by inserting matching dummy operations Log instructions for manual review Example of branch balancing. One branch of a conditional statement is supplemented with dummy instructions to minimize information leakage.

8 Leakage-Driven Allocation and Binding
Large multiplexors expensive – typically share only expensive FUs Allocation and binding are interweaved to maximize the efficiency of side-channel leakage reduction First, binding against most basic FU implementation Bind high risk operations (HRO) to common FUs Allocate resources to HRO FUs Estimate FU leakage as sum of leakages of operations bound to it

9 Leakage-Driven Allocation and Binding (2)

10 Leakage-Driven Allocation and Binding: Example
Example of leakage-driven binding. High risk operations are bound against one FU, while low risk instructions are bound against a different FU.

11 Experimental Evaluation
Implemented as extension of LegUp HLS tool Two passes: Security preparation and optimization Evaluation against: Base Reference Countermeasures applied at full design Modular Defense Countermeasures applied at module level Subset of CHStone benchmarks Addition: IoT benchmark with temperature calculations, presence of people based on sensor, and basic voice recognition Addition: SIMON benchmark, proposed for IoT security

12 Resource Target Per-benchmark upper resource limit
Leakage reduced on average by 72% compared to reference, 38% compared to modular synthesis Observation: Less delta to modular synthesis where confidential operations are constrained to module (e.g. GSM) Observation: Spread-out confidential operations bring full benefit of proposed synthesis (e.g. SIMON)

13 Resource Target (2) More stringent (lower) resource availability
Improvements to modular synthesis clearer – fine grained countermeasure application

14 Leakage Target Attempt to achieve given maximum leakage without resource constraints Low target leakage requires widespread countermeasures Less rigorous target shows more improvement potential

15 Conclusion Security as core requirement for IoT and Cloud
Countermeasures to DPA can be costly and optimization requires expert knowledge Automated synthesis flow Minimal user input required Leakage estimation through simulation and Hamming distance Fine-grained countermeasures introduced where needed Future directions Co-optimize for power consumption and operating speed Incorporate automatic masking for stronger defense

16 Thank You!

Download ppt "High-Level Synthesis for Side-Channel Defense"

Similar presentations

International Symposium on Low Power Electronics and Design Qing Xie, Mohammad Javad Dousti, and Massoud Pedram University of Southern California ISLPED.

International Symposium on Low Power Electronics and Design Qing Xie, Mohammad Javad Dousti, and Massoud Pedram University of Southern California ISLPED.
Compiler-Based Register Name Adjustment for Low-Power Embedded Processors Discussion by Garo Bournoutian.

Compiler-Based Register Name Adjustment for Low-Power Embedded Processors Discussion by Garo Bournoutian.
Presenter: PCLee – 2011.03.02. This paper outlines the MBAC tool for the generation of assertion checkers in hardware. We begin with a high-level presentation.

Presenter: PCLee – This paper outlines the MBAC tool for the generation of assertion checkers in hardware. We begin with a high-level presentation.
1 Authors: MILENA STANOJLOVIĆ PREDRAG PETKOVIĆ LABORATORY FOR ELECTRONIC DESIGN AUTOMATION Faculty of Electronic Engineering University of Nis.

1 Authors: MILENA STANOJLOVIĆ PREDRAG PETKOVIĆ LABORATORY FOR ELECTRONIC DESIGN AUTOMATION Faculty of Electronic Engineering University of Nis.
Enabling Efficient On-the-fly Microarchitecture Simulation Thierry Lafage September 2000.

Enabling Efficient On-the-fly Microarchitecture Simulation Thierry Lafage September 2000.
Wide Collisions in Practice Xin Ye, Thomas Eisenbarth Florida Atlantic University, USA 10 th ACNS 2012- Singapore.

Wide Collisions in Practice Xin Ye, Thomas Eisenbarth Florida Atlantic University, USA 10 th ACNS Singapore.
Using Programmer-Written Compiler Extensions to Catch Security Holes Authors: Ken Ashcraft and Dawson Engler Presented by : Hong Chen CS590F 2/7/2007.

Using Programmer-Written Compiler Extensions to Catch Security Holes Authors: Ken Ashcraft and Dawson Engler Presented by : Hong Chen CS590F 2/7/2007.
Submission May, 2000 Doc: IEEE802.11-00 / 086 Steven Gray, Nokia Slide Brief Overview of Information Theory and Channel Coding Steven D. Gray 1.

Submission May, 2000 Doc: IEEE / 086 Steven Gray, Nokia Slide Brief Overview of Information Theory and Channel Coding Steven D. Gray 1.
CMOS Circuit Design for Minimum Dynamic Power and Highest Speed Tezaswi Raja, Dept. of ECE, Rutgers University Vishwani D. Agrawal, Dept. of ECE, Auburn.

CMOS Circuit Design for Minimum Dynamic Power and Highest Speed Tezaswi Raja, Dept. of ECE, Rutgers University Vishwani D. Agrawal, Dept. of ECE, Auburn.
Extensible Processors. 2 ASIP Gain performance by:  Specialized hardware for the whole application (ASIC). −  Almost no flexibility. −High cost.  Use.

Extensible Processors. 2 ASIP Gain performance by:  Specialized hardware for the whole application (ASIC). −  Almost no flexibility. −High cost.  Use.
Power-Aware Placement

Power-Aware Placement
 Based on the resource constraints a lower bound on the iteration interval is estimated  Synthesis targeting reconfigurable logic (e.g. FPGA) faces the.

 Based on the resource constraints a lower bound on the iteration interval is estimated  Synthesis targeting reconfigurable logic (e.g. FPGA) faces the.
Fundamentals of Information Systems, Second Edition

Fundamentals of Information Systems, Second Edition
Enhancing Embedded Processors with Specific Instruction Set Extensions for Network Applications A. Chormoviti, N. Vassiliadis, G. Theodoridis, S. Nikolaidis.

Enhancing Embedded Processors with Specific Instruction Set Extensions for Network Applications A. Chormoviti, N. Vassiliadis, G. Theodoridis, S. Nikolaidis.
Radu Muresan CODES+ISSS'04, September 8-10, 2004, Stockholm, Sweden1 Current Flattening in Software and Hardware for Security Applications Authors: R.

Radu Muresan CODES+ISSS'04, September 8-10, 2004, Stockholm, Sweden1 Current Flattening in Software and Hardware for Security Applications Authors: R.
EE 241 Class Project Substrate Noise Current Injected by Digital IP Cores Stefano Zanella Mentor: Luca Carloni.

EE 241 Class Project Substrate Noise Current Injected by Digital IP Cores Stefano Zanella Mentor: Luca Carloni.
Automatic Application of Power Analysis Countermeasures Ali Galip Bayrak Francesco Regazzoni David Novo Philip Brisk François-Xavier Standaert Paolo Ienne.

Automatic Application of Power Analysis Countermeasures Ali Galip Bayrak Francesco Regazzoni David Novo Philip Brisk François-Xavier Standaert Paolo Ienne.
SIDE CHANNEL ATTACKS Presented by: Vishwanath Patil Abhay Jalisatgi.

SIDE CHANNEL ATTACKS Presented by: Vishwanath Patil Abhay Jalisatgi.
New Challenges in Cloud Datacenter Monitoring and Management

New Challenges in Cloud Datacenter Monitoring and Management
USING SAT-BASED CRAIG INTERPOLATION TO ENLARGE CLOCK GATING FUNCTIONS Ting-Hao Lin, Chung-Yang (Ric) Huang Graduate Institute of Electrical Engineering,

USING SAT-BASED CRAIG INTERPOLATION TO ENLARGE CLOCK GATING FUNCTIONS Ting-Hao Lin, Chung-Yang (Ric) Huang Graduate Institute of Electrical Engineering,

Similar presentations

Ads by Google