SLEAK: A Side-channel Leakage Evaluator and Analysis Kit

By Daniel Walters, Andrew Hagen, Eric Kedaigle

Side-channel attacks (SCA) present a major threat to secure embedded systems. In this paper, the authors present a new technique for testing software for SCA vulnerabilities in a fast, inexpensive, and automated manner.

Side-channel attacks (SCA) present a major threat to secure embedded systems. Effective software countermeasures against SCA are well known in theory, but in practice are difficult to implement properly due to issues such as unexpected compiler transformations and/or platform-specific leakage sources. Although several recent examples from industry and academia show that SCA is becoming increasingly simple and inexpensive to perform as an attacker, evaluating the security of a system against SCA can still be expensive and time-consuming. Furthermore, most evaluation techniques must be performed near the end of the development schedule, which adds significant risk.

In this paper, we present a new technique for testing software for SCA vulnerabilities in a fast, inexpensive, and automated manner. This testing could be applied to evaluate software-based SCA countermeasures even without access to source code, as may be the case with proprietary software libraries that are delivered pre-built, and without the use of side-channel collection equipment. Our implementation of the SLEAK tool demonstrates the efficacy of this technique by detecting vulnerabilities in an AES implementation that utilizes a masking countermeasure. We discuss the advantages and limitations of our technique and we conclude that it can be used to detect and understand the sources of many common SCA vulnerabilities early in the development schedule.