SLEAK: A Side-channel Leakage Evaluator and Analysis Kit
November 2014
Topics: Cybersecurity, Signal Processing, Electronics (General), Data Encryption, Information Security, Computer Security
Side-channel attacks (SCA) present a major threat to secure embedded systems. Effective software countermeasures against SCA are well known in theory, but in practice are difficult to implement properly due to issues such as unexpected compiler transformations and/or platform-specific leakage sources. Although several recent examples from industry and academia show that SCA is becoming increasingly simple and inexpensive to perform as an attacker, evaluating the security of a system against SCA can still be expensive and time-consuming. Furthermore, most evaluation techniques must be performed near the end of the development schedule, which adds significant risk.
In this paper, we present a new technique for testing software for SCA vulnerabilities in a fast, inexpensive, and automated manner. This testing could be applied to evaluate software-based SCA countermeasures even without access to source code, as may be the case with proprietary software libraries that are delivered pre-built, and without the use of side-channel collection equipment. Our implementation of the SLEAK tool demonstrates the efficacy of this technique by detecting vulnerabilities in an AES implementation that utilizes a masking countermeasure. We discuss the advantages and limitations of our technique and we conclude that it can be used to detect and understand the sources of many common SCA vulnerabilities early in the development schedule.