Instruction duplication: Leaky and not too fault-tolerant!

Lucian Cojocar; Kostas Papagiannopoulos; Niek Timmers

doi:10.1007/978-3-319-75208-2_10

Instruction duplication: Leaky and not too fault-tolerant!

Lucian Cojocar^*, Kostas Papagiannopoulos, Niek Timmers

^*Corresponding author for this work

Research output: Chapter in Book / Report / Conference proceeding › Conference contribution › Academic › peer-review

Abstract

Fault injection attacks alter the intended behavior of micro-controllers, compromising their security. These attacks can be mitigated using software countermeasures. A widely-used software-based solution to deflect fault attacks is instruction duplication and n -plication. We explore two main limitations with these approaches: first, we examine the effect of instruction duplication under fault attacks, demonstrating that as fault tolerance mechanism, code duplication does not provide a strong protection in practice. Second, we show that instruction duplication increases side-channel leakage of sensitive code regions using a multivariate exploitation technique both in theory and in practice.

Original language	English
Title of host publication	Smart Card Research and Advanced Applications - 16th International Conference, CARDIS 2017,Revised Selected Papers
Publisher	Springer/Verlag
Pages	160-179
Number of pages	20
ISBN (Electronic)	9783319752082
ISBN (Print)	9783319752075
DOIs	https://doi.org/10.1007/978-3-319-75208-2_10
Publication status	Published - 2018
Event	16th International Conference on Smart Card Research and Advanced Applications, CARDIS 2017 - Lugano, Switzerland Duration: 13 Nov 2017 → 15 Nov 2017

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	10728 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	16th International Conference on Smart Card Research and Advanced Applications, CARDIS 2017
Country/Territory	Switzerland
City	Lugano
Period	13/11/17 → 15/11/17

Funding

Acknowledgements. This research was supported by the NWO CYBSEC “OpenS-esame” project (628.001.005) and the NWO project ProFIL (628.001.007). We thank our anonymous reviewers and our shepherds, Fischer Jean-Bernard and Romailler Yolan for their invaluable feedback. We also thank Marius Schilder and Dominic Rizzo from Google Inc. for their support in developing the compiler.

Access to Document

10.1007/978-3-319-75208-2_10

Persistent URL (handle)

Persistent link

Cite this

Cojocar, L., Papagiannopoulos, K., & Timmers, N. (2018). Instruction duplication: Leaky and not too fault-tolerant! In Smart Card Research and Advanced Applications - 16th International Conference, CARDIS 2017,Revised Selected Papers (pp. 160-179). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 10728 LNCS). Springer/Verlag. https://doi.org/10.1007/978-3-319-75208-2_10

Cojocar, Lucian ; Papagiannopoulos, Kostas ; Timmers, Niek. / Instruction duplication : Leaky and not too fault-tolerant!. Smart Card Research and Advanced Applications - 16th International Conference, CARDIS 2017,Revised Selected Papers. Springer/Verlag, 2018. pp. 160-179 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{f43e98c549484cffacc5e14ac00185cd,

title = "Instruction duplication: Leaky and not too fault-tolerant!",

abstract = "Fault injection attacks alter the intended behavior of micro-controllers, compromising their security. These attacks can be mitigated using software countermeasures. A widely-used software-based solution to deflect fault attacks is instruction duplication and n -plication. We explore two main limitations with these approaches: first, we examine the effect of instruction duplication under fault attacks, demonstrating that as fault tolerance mechanism, code duplication does not provide a strong protection in practice. Second, we show that instruction duplication increases side-channel leakage of sensitive code regions using a multivariate exploitation technique both in theory and in practice.",

author = "Lucian Cojocar and Kostas Papagiannopoulos and Niek Timmers",

year = "2018",

doi = "10.1007/978-3-319-75208-2\_10",

language = "English",

isbn = "9783319752075",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer/Verlag",

pages = "160--179",

booktitle = "Smart Card Research and Advanced Applications - 16th International Conference, CARDIS 2017,Revised Selected Papers",

note = "16th International Conference on Smart Card Research and Advanced Applications, CARDIS 2017 ; Conference date: 13-11-2017 Through 15-11-2017",

}

Cojocar, L, Papagiannopoulos, K & Timmers, N 2018, Instruction duplication: Leaky and not too fault-tolerant! in Smart Card Research and Advanced Applications - 16th International Conference, CARDIS 2017,Revised Selected Papers. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 10728 LNCS, Springer/Verlag, pp. 160-179, 16th International Conference on Smart Card Research and Advanced Applications, CARDIS 2017, Lugano, Switzerland, 13/11/17. https://doi.org/10.1007/978-3-319-75208-2_10

Instruction duplication: Leaky and not too fault-tolerant! / Cojocar, Lucian; Papagiannopoulos, Kostas; Timmers, Niek.
Smart Card Research and Advanced Applications - 16th International Conference, CARDIS 2017,Revised Selected Papers. Springer/Verlag, 2018. p. 160-179 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 10728 LNCS).

Research output: Chapter in Book / Report / Conference proceeding › Conference contribution › Academic › peer-review

TY - GEN

T1 - Instruction duplication

T2 - 16th International Conference on Smart Card Research and Advanced Applications, CARDIS 2017

AU - Cojocar, Lucian

AU - Papagiannopoulos, Kostas

AU - Timmers, Niek

PY - 2018

Y1 - 2018

N2 - Fault injection attacks alter the intended behavior of micro-controllers, compromising their security. These attacks can be mitigated using software countermeasures. A widely-used software-based solution to deflect fault attacks is instruction duplication and n -plication. We explore two main limitations with these approaches: first, we examine the effect of instruction duplication under fault attacks, demonstrating that as fault tolerance mechanism, code duplication does not provide a strong protection in practice. Second, we show that instruction duplication increases side-channel leakage of sensitive code regions using a multivariate exploitation technique both in theory and in practice.

AB - Fault injection attacks alter the intended behavior of micro-controllers, compromising their security. These attacks can be mitigated using software countermeasures. A widely-used software-based solution to deflect fault attacks is instruction duplication and n -plication. We explore two main limitations with these approaches: first, we examine the effect of instruction duplication under fault attacks, demonstrating that as fault tolerance mechanism, code duplication does not provide a strong protection in practice. Second, we show that instruction duplication increases side-channel leakage of sensitive code regions using a multivariate exploitation technique both in theory and in practice.

UR - https://www.scopus.com/pages/publications/85041727391

UR - https://www.scopus.com/inward/citedby.url?scp=85041727391&partnerID=8YFLogxK

U2 - 10.1007/978-3-319-75208-2_10

DO - 10.1007/978-3-319-75208-2_10

M3 - Conference contribution

AN - SCOPUS:85041727391

SN - 9783319752075

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 160

EP - 179

BT - Smart Card Research and Advanced Applications - 16th International Conference, CARDIS 2017,Revised Selected Papers

PB - Springer/Verlag

Y2 - 13 November 2017 through 15 November 2017

ER -

Cojocar L, Papagiannopoulos K, Timmers N. Instruction duplication: Leaky and not too fault-tolerant! In Smart Card Research and Advanced Applications - 16th International Conference, CARDIS 2017,Revised Selected Papers. Springer/Verlag. 2018. p. 160-179. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). Epub 2018 Jan 26. doi: 10.1007/978-3-319-75208-2_10

Instruction duplication: Leaky and not too fault-tolerant!

Abstract

Publication series

Conference

Funding

Access to Document

Persistent URL (handle)

Other files and links

Fingerprint

Cite this