SMT-Based Verification of Software Countermeasures against Side-Channel Attacks

  • Hassan Eldib
  • Chao Wang
  • Patrick Schaumont
Conference paper

DOI: 10.1007/978-3-642-54862-8_5

Part of the Lecture Notes in Computer Science book series (LNCS, volume 8413)
Cite this paper as:
Eldib H., Wang C., Schaumont P. (2014) SMT-Based Verification of Software Countermeasures against Side-Channel Attacks. In: Ábrahám E., Havelund K. (eds) Tools and Algorithms for the Construction and Analysis of Systems. TACAS 2014. Lecture Notes in Computer Science, vol 8413. Springer, Berlin, Heidelberg

Abstract

A common strategy for designing countermeasures against side channel attacks is using randomization techniques to remove the statistical dependency between sensitive data and side-channel emissions. However, this process is both labor intensive and error prone, and currently, there is a lack of automated tools to formally access how secure a countermeasure really is. We propose the first SMT solver based method for formally verifying the security of a countermeasures against such attacks. In addition to checking whether the sensitive data are masked, we also check whether they are perfectly masked, i.e., whether the joint distribution of any d intermediate computation results is independent of the secret key. We encode this verification problem into a series of quantifier-free first-order logic formulas, whose satisfiability can be decided by an off-the-shelf SMT solver. We have implemented the new method in a tool based on the LLVM compiler and the Yices SMT solver. Our experiments on recently proposed countermeasures show that the method is both effective and efficient for practical use.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Copyright information

© Springer-Verlag Berlin Heidelberg 2014

Authors and Affiliations

  • Hassan Eldib
    • 1
  • Chao Wang
    • 1
  • Patrick Schaumont
    • 1
  1. 1.Department of ECEVirginia TechBlacksburgUSA

Personalised recommendations