COGITO: Code Polymorphism to Secure Devices
Damien Couroussé, Bruno Robisson, Jean-Louis Lanet, Thierno Barry, Hassan Noura, Philippe Jaillon, Philippe Lalevée
2014
Abstract
In this paper, we advocate the use of code polymorphism as an efficient means to improve security at several levels in electronic devices. We analyse the threats that polymorphism could help thwart, and present the solution that we plan to demonstrate in the scope of a collaborative research project called COGITO. We expect our solution to be effective to improve security, to comply with the computing and memory constraints of embedded devices, and to be easily generalisable to a large set of embedded computing platforms.
References
- Agosta, G., Barenghi, A., and Pelosi, G. (2012). A code morphing methodology to automate power analysis countermeasures. In DAC, pages 77-82. ACM.
- Amarilli, A., Müller, S., Naccache, D., Page, D., Rauzy, P., and Tunstall, M. (2011). Can Code Polymorphism Limit Information Leakage? In WISTP, LNCS 6633, pages 1-21.
- Aracil, C. and Couroussé, D. (2013). Software acceleration of floating-point multiplication using runtime code generation. In ICEAC, pages 18-23.
- Arora, D., Ravi, S., Raghunathan, A., and Jhaals, N. K. (2005). Secure Embedded Processing through Hardware-Assisted Run-Time Monitoring. In DATE, pages 178-183.
- Barak, B., Goldreich, O., Impagliazzo, R., Rudich, S., Sahai, A., Vadhan, S., and Yang, K. (2001). On the (im) possibility of obfuscating programs. In CRYPTO, pages 1-18. Springer.
- Barbu, G., Thiebeauld, H., and Guerin, V. (2010). Attacks on Java Card 3.0 Combining Fault and Logical Attacks. In CARDIS, volume 6035 of LNCS, pages 148- 163. Springer.
- Bayrak, A. G., Velickovic, N., Ienne, P., and Burleson, W. (2012). An architecture-independent instruction shuffler to protect against side-channel attacks. ACM TACO, 8(4):20:1-20:19.
- Chakraborty, R. and Bhunia, S. (2009). Harpoon: An obfuscation-based soc design methodology for hardware protection. TCAD, 28(10):1493-1502.
- Charles, H.-P., Couroussé, D., Lomller, V., Endo, F., and Gauguey, R. (2014). deGoal a Tool to Embed Dynamic Code Generators into Applications. In Compiler Construction, volume 8409 of LNCS, pages 107- 112. Springer.
- Collberg, C., Thomborson, C., and Low, D. (1997). A taxonomy of obfuscating transformations. Technical Report 148, Department of Computer Science, University of Auckland.
- Couroussé, D., Lomüller, V., and Charles, H.-P. (2013). Introduction to Dynamic Code Generation - an Experiment with Matrix Multiplication for the STHORM Platform, chapter 6, pages 103-124. Springer.
- Dutertre, J.-M., Possamai Bastos, R., Potin, O., Flottes, M.- L., Rouzeyre, B., and Di Natale, G. (2013). Sensitivity tuning of a bulk built-in current sensor for optimal transient-fault detection. Microelectronics Reliability, 53(9):1320-1324.
- Genkin, D., Shamir, A., and Tromer, E. (2013). RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis. Cryptology ePrint Archive, Report 2013/857.
- Guilley, S., Sauvage, L., Flament, F., Vong, V.-N., Hoogvorst, P., and Pacalet, R. (2010). Evaluation of power constant dual-rail logics countermeasures against DPA with design time security metrics. IEEE Trans. Computers, 59(9):1250-1263.
- Kotzmann, T., Wimmer, C., Mössenböck, H., Rodriguez, T., Russell, K., and Cox, D. (2008). Design of the java hotspot client compiler for java 6. ACM TACO, 5(1):7:1-7:32.
- Madou, M., Anckaert, B., Moseley, P., Debray, S., Sutter, B., and Bosschere, K. (2006). Software protection through dynamic code mutation. volume 3786 of LNCS, pages 194-206. Springer.
- Mangard, S., Oswald, E., and Popp, T. (2007). Power analysis attacks: Revealing the secrets of smart cards. Springer.
- May, D., Muller, H., and Smart, N. (2001a). Random Register Renaming to Foil DPA. In CHES, volume LNCS 2162, pages 28-38. Springer.
- May, D., Muller, H. L., and Smart, N. P. (2001b). Nondeterministic processors. In ACISP'01, pages 115- 129. Springer.
- Moro, N., Heydemann, K., Encrenaz, E., and Robisson, B. (2014). Formal verification of a software countermeasure against instruction skip attacks. Journal of Cryptographic Engineering, pages 1-12.
- Novak, R. (2003). Side-channel attack on substitution blocks. volume 2846 of LNCS, pages 307-318. Springer.
- Petroni, Jr., N. L. and Hicks, M. (2007). Automated detection of persistent kernel control-flow attacks. In CCS, pages 103-115. ACM.
- Sander, T. and Tschudin, C. (1998). On software protection via function hiding. In Information Hiding, volume 1525 of LNCS, pages 111-123. Springer.
- Shamir, A. (2000). Protecting smart cards from passive power analysis with detached power supplies. In CHES, LNCS, pages 71-77. Springer.
- Zussa, L., Dehbaoui, A., Tobich, K., Dutertre, J.-M., Maurine, P., Guillaume-Sage, L., Clediere, J., and Tria, A. (2014). Efficiency of a glitch detector against electromagnetic fault injection. In DATE, pages 1-6.
Paper Citation
in Harvard Style
Couroussé D., Robisson B., Lanet J., Barry T., Noura H., Jaillon P. and Lalevée P. (2014). COGITO: Code Polymorphism to Secure Devices . In Proceedings of the 11th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2014) ISBN 978-989-758-045-1, pages 451-456. DOI: 10.5220/0005113704510456
in Bibtex Style
@conference{secrypt14,
author={Damien Couroussé and Bruno Robisson and Jean-Louis Lanet and Thierno Barry and Hassan Noura and Philippe Jaillon and Philippe Lalevée},
title={COGITO: Code Polymorphism to Secure Devices},
booktitle={Proceedings of the 11th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2014)},
year={2014},
pages={451-456},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005113704510456},
isbn={978-989-758-045-1},
}
in EndNote Style
TY - CONF
JO - Proceedings of the 11th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2014)
TI - COGITO: Code Polymorphism to Secure Devices
SN - 978-989-758-045-1
AU - Couroussé D.
AU - Robisson B.
AU - Lanet J.
AU - Barry T.
AU - Noura H.
AU - Jaillon P.
AU - Lalevée P.
PY - 2014
SP - 451
EP - 456
DO - 10.5220/0005113704510456