Abstract
Side-channel attacks (SCA) enable attackers to gain access to non-disclosed information by measuring emissions of a system, e.g., timing, electromagnetic waves or power consumption. The emissions of a system can typically only be measured on the final system. As a consequence, the analysis of such security threats is often only possible at a very late stage in the development process. In this paper, we present an approach to simulate timing attacks in early stages of the development process with SystemC and discuss the potentials and limitations of this approach. Our results show that the simulation of SCA in SystemC is generally possible, but currently difficult due to an explanation gap. It is, to the best of our knowledge, not well understood where the causal connection between physical quantities and data, which is exploited in SCA, comes from. This poses a major challenge for the design of precise models that accurately reflect physical insights for early security analysis.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Abrishamchi, M.A.N., Abdullah, A.H., Cheok, A.D., Bielawski, K.S.: Side channel attacks on smart home systems: a short overview. In: IECON 2017–43rd Annual Conference of the IEEE Industrial Electronics Society, pp. 8144–8149. IEEE (2017)
Barthe, G., Grégoire, B., Laporte, V.: Secure compilation of side-channel countermeasures: the case of cryptographic “constant-time”. In: 2018 IEEE 31st Computer Security Foundations Symposium (CSF), pp. 328–343 (2018)
Booth, A.D.: A signed binary multiplication technique. Q. J. Mech. Appl. Math. 4(2), 236–240 (1951)
Burns, F., Murphy, J., Shang, D., Koelmans, A., Yakorlev, A.: Dynamic global security-aware synthesis using SystemC. IET Comput. Digital Tech. 1(4), 405–413 (2007)
Bushager, A., Zwolinski, M.: Modelling smart card security protocols in SystemC TLM. In: IEEE/IFIP International Conference on Embedded and Ubiquitous Computing, pp. 637–643, December 2010. https://doi.org/10.1109/EUC.2010.102
Chen, Y.Y., Hsu, C.H., Leu, K.L.: Analysis of system bus transaction vulnerability in SystemC TLM design platform. In: WSEAS International Conference. Proceedings. Mathematics and Computers in Science and Engineering, vol. 3. World Scientific and Engineering Academy and Society (2009)
Dhem, J.-F., Koeune, F., Leroux, P.-A., Mestré, P., Quisquater, J.-J., Willems, J.-L.: A practical implementation of the timing attack. In: Quisquater, J.-J., Schneier, B. (eds.) CARDIS 1998. LNCS, vol. 1820, pp. 167–182. Springer, Heidelberg (2000). https://doi.org/10.1007/10721064_15
IEEE: IEEE Standard for Standard SystemC Language Reference Manual. IEEE Std 1666-2011 (Revision of IEEE Std 1666–2005), pp. 1–638 (2012)
Kaur, S., Singh, B., Gupta, L.: Simulation-based method for analyzing timing attack against pass-code breaking system. In: Singh, P.K., Singh, Y., Chhabra, J.K., Illés, Z., Verma, C. (eds.) Recent Innovations in Computing. LNEE, vol. 855, pp. 795–808. Springer, Cham (2022). https://doi.org/10.1007/978-981-16-8892-8_60
Kocher, P.C.: Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996). https://doi.org/10.1007/3-540-68697-5_9
Lai, X., Jenihhin, M., Raik, J., Paul, K.: PASCAL: timing SCA resistant design and verification flow. In: 2019 IEEE 25th International Symposium on On-Line Testing and Robust System Design (IOLTS), pp. 239–242. IEEE (2019)
Park, J., Corba, M., Antonio, E., Vigeant, R.L., Tehranipoor, M., Bhunia, S.: ATAVE: a framework for automatic timing attack vulnerability evaluation. In: 2017 IEEE 60th International Midwest Symposium on Circuits and Systems (MWSCAS), pp. 559–562. IEEE (2017)
Prouff, E., Rivain, M.: Masking against side-channel attacks: a formal security proof. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 142–159. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-38348-9_9
Rothbart, K., Neffe, U., Steger, C., Weiss, R., Rieger, E., Mühlberger, A.: High level fault injection for attack simulation in smart cards. In: 13th Asian Test Symposium, pp. 118–121. IEEE (2004)
Rothbart, K., Neffe, U., Steger, C., Weiss, R., Rieger, E., Mühlberger, A.: An environment for design verification of smart card systems using attack simulation in SystemC. In: ACM/IEEE International Conference on Formal Methods and Models for Co-design (MEMOCODE), pp. 253–254. IEEE (2005)
Spreitzer, R., Moonsamy, V., Korak, T., Mangard, S.: Systematic classification of side-channel attacks: a case study for mobile devices. IEEE Commun. Surv. Tutorials 20(1), 465–488 (2017)
Stamp, M.: Information Security - Principles and Practice. Wiley, New York (2011)
Tiri, K., Verbauwhecle, I.: Simulation models for side-channel information leaks. In: Design Automation Conference, pp. 228–233. IEEE (2005)
Treus, J., Herber, P.: Early analysis of security threats by modeling and simulating power attacks in SystemC. In: IEEE Vehicular Technology Conference, pp. 1–5. IEEE (2020)
Veshchikov, N., Guilley, S.: Use of simulators for side-channel analysis. In: European Symposium on Security and Privacy Workshops, pp. 104–112. IEEE (2017)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2023 IFIP International Federation for Information Processing
About this paper
Cite this paper
Schoppmeier, M., Herber, P. (2023). Simulation of Timing Attacks and Challenges for Early Side-Channel Security Analysis. In: Henkler, S., Kreutz, M., Wehrmeister, M.A., Götz, M., Rettberg, A. (eds) Designing Modern Embedded Systems: Software, Hardware, and Applications. IESS 2022. IFIP Advances in Information and Communication Technology, vol 669. Springer, Cham. https://doi.org/10.1007/978-3-031-34214-1_2
Download citation
DOI: https://doi.org/10.1007/978-3-031-34214-1_2
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-34213-4
Online ISBN: 978-3-031-34214-1
eBook Packages: Computer ScienceComputer Science (R0)