Architectural and Micro-architectural Countermeasures against Physical Attack

Advances in cryptanalysis are often produced by mathematicians who seek techniques to unravel the hard problems on which modern cryptosystems are based. Attacks based on the concept of physical security move the art of cryptanalysis from the mathematical domain into the practical domain of implementation. By considering the implementation of cryptosystems rather than purely their specification, researchers have found they can mount physical attacks which are of low cost, in terms of time and equipment, and are highly successful in extracting useful results. Recent examples that demonstrate the real-world impact of such attacks are those against the KeeLoq range of RFID devices used for car and building access control, and MIFARE contactless smart-cards (e.g. the ``Oyster'' cards used by the London Underground).Side-channel attacks are a genre of physical attack based on the assumption that one can passively observe an algorithm being executed by some hardware device, and infer details about the internal state of computation from the features that occur. A typical side-channel attack consists of a collection phase that provides the attacker with profiles of execution, and an analysis phase which recovers otherwise secret information from the profiles. Focusing on power and EM based attacks in particular, countermeasures against side-channel attack are increasingly well understood on a case by case basis; at a high-level they can be classified as either hiding (breaking the link between execution and profiles) or masking (breaking the link between execution and algorithm). Approaches to hiding style countermeasures typically attempt to make each profile constant for all secrets, or entirely random; in both cases the premise is that a profile can no longer be correlated to the secret information.There are a number of approaches to implementing these sorts of countermeasure. At the highest-level, one can consider alternate algorithms (or implementation approaches) that realise hiding or masking in software. On one hand this approach is very algorithm-specific and can imply a significant performance penalty; on the other hand, no alterations are required to the hardware on which the software executes. At the lowest-level, one can consider using so-called secure logic styles; the basic idea is to replace CMOS cell libraries with alternatives which, for example, consume a constant amount of power regardless of the result they compute. The major disadvantage of this approach is the resulting overhead in terms of area; the major advantage is that the approach is largely algorithm-agnostic, i.e. is a general solution which can be automatically applied.The research programme within this proposal aims, in a sense, to adopt an approach between these two extremes. The crux of the research is the alteration of a general purpose processor so that countermeasures against side-channel attack are implemented at the micro-architectural level. The processor will retain the same Instruction Set Architecture (ISA) and hence the same functional characteristics, but the behavioural characteristics will prevent leakage of information via, for example, power analysis. Our focus is on aspects of the micro-architecture which can be randomised in some way. We suggest that this approach will afford a level of flexibility and algorithm agility representing an attractive trade-off between security and other metrics. Specifically, it permits high-level algorithmic countermeasures to be automatically supported by the hardened processor platform (meshing with the ideal of tiered countermeasures rather than a single panacea), while largely avoiding the overhead and sensitivity to underlying process technology traditionally associated with secure logic styles.