Securing Conditional Branches in the Presence of Fault Attacks Robert Schilling 1,2 , Mario Werner 1 , Stefan Mangard 1 1 Graz University of Technology, 2 Know-Center GmbH March 22, 2018
Overview • Introduction to control-flow integrity and data protection • Generic approach to protect conditional branches without hardware extensions • Protected comparison algorithms based on AN-codes • Prototype compiler based on LLVM • Evaluation March 22, 2018 Robert Schilling 2
Motivation • Fault attacks can modify the code and data • Control-flow integrity (CFI) restricts the control-flow PW check to valid execution traces • Data encoding to protect arithmetic Enter Raise Alarm System • No protection for conditional branches • Conditional branches are critical instructions Continue • Password checks, signature verification depend on conditional branches • Preferred target for fault attacks March 22, 2018 Robert Schilling 3
Introduction to Control-Flow Integrity (CFI) • Different CFI granularities Instruction granularity • Program counter dependent state 𝑇 𝑗 𝐽1 𝑇 1 𝑇 2 𝐽2 • Depends on the previous state 𝑇 3 𝐽3 • Depends on currently executed instruction 𝑇 4 𝐽4 𝐽7 𝑇 7 𝑇 5 𝑇 8 𝐽5 𝐽8 Conditional branches are not 𝑇 6 𝑇 9 𝐽6 𝐽9 protected by means of CFI March 22, 2018 Robert Schilling 4
A Primer to AN-Codes • Arithmetic codes defined by: 𝑦 𝑑 = 𝐵 ∙ 𝑦 • All code words are multiples of the encoding constant 𝐵 • AN-code congruence: 0 ≡ 𝑦 𝑑 𝑛𝑝𝑒 𝐵 • Support different arithmetic operations • +, -, *, / • Closed under addition/subtraction • Adding two AN-code words results in another valid AN-code word • 𝑨 𝑑 = 𝑦 𝑑 + 𝑧 𝑑 = 𝐵 ∙ 𝑦 + 𝐵 ∙ 𝑧 = 𝐵 ∙ (𝑦 + 𝑧) March 22, 2018 Robert Schilling 5
What is a Conditional Branch 1. First operation: Comparison • Takes two inputs x, y and comparison predicate P • Returns 1-bit signal if the comparison is true or false 2. Second operation: Branch • Determines how to update the program counter (PC 1 ,PC 2 ) March 22, 2018 Robert Schilling 6
Conditional Branch with CFI • CFI introduces a program counter dependent state S • State is different if branch is taken or not • Decision if the branch is taken still relies on a 1-bit signal March 22, 2018 Robert Schilling 7
Generic Protected Conditional Branches • Multiple attack vectors to bypass conditional branches 1. Faulting the operands 2. Faulting the comparison 3. Faulting the branch March 22, 2018 Robert Schilling 8
Generic Protected Conditional Branches • Multiple attack vectors to bypass conditional branches Faulting the operands Add redundancy to x and y (AN-codes) 1. 2. Faulting the comparison 3. Faulting the branch March 22, 2018 Robert Schilling 9
Generic Protected Conditional Branches • Multiple attack vectors to bypass conditional branches Faulting the operands Add redundancy to x and y (AN-codes) 1. Faulting the comparison Encoded comparison in software 2. 3. Faulting the branch March 22, 2018 Robert Schilling 10
Generic Protected Conditional Branches • Multiple attack vectors to bypass conditional branches Faulting the operands Add redundancy to x and y (AN-codes) 1. Faulting the comparison Encoded comparison in software 2. Faulting the branch Link the redundant condition value with the CFI 3. state March 22, 2018 Robert Schilling 11
Example: Protected Conditional Branch 1. Compute the encoded compare 𝐽1 𝑇 1 2. Perform a standard conditional 𝑇 2 𝐽2 𝑇 3 branch 𝑑𝑝𝑜𝑒 = EncCmp 𝑇 4 𝑐𝑠 𝑑𝑝𝑜𝑒 = 𝑈𝑠𝑣𝑓 3. Link the redundant condition value with the CFI state ∗ ∗ 𝑇 6 𝑉𝑞𝑒𝑏𝑢𝑓(𝑑𝑝𝑜𝑒) 𝑉𝑞𝑒𝑏𝑢𝑓(𝑑𝑝𝑜𝑒) 𝑇 8 𝑇 6 𝑇 8 𝐽6 𝐽8 𝑇 7 𝑇 9 𝐽7 𝐽9 Wrong branch and wrong condition lead to invalid CFI state March 22, 2018 Robert Schilling 12
Protected Comparisons with AN-Codes • Problem: • 𝑑𝑝𝑜𝑒𝑗𝑢𝑗𝑝𝑜 ← 𝐹𝑜𝑑𝑝𝑒𝑓𝑒𝐷𝑝𝑛𝑞𝑏𝑠𝑓 𝑄, 𝑦 𝑑 , 𝑧 𝑑 𝑥𝑗𝑢ℎ 𝑑𝑝𝑜𝑒𝑗𝑢𝑗𝑝𝑜 ∈ 𝐷 1 , 𝐷 2 𝑏𝑜𝑒 𝐼𝑏𝑛𝑛𝑗𝑜 𝐸𝑗𝑡𝑢𝑏𝑜𝑑𝑓 ≥ 𝐸 • Find an algorithm for all comparison predicates: <, ≤, >, ≥, =, ≠ • How to compute 𝑦 𝑑 < 𝑧 𝑑 ? March 22, 2018 Robert Schilling 13
Protected < Comparison with AN-Codes • Step 1: Subtract 𝑦 𝑑 − 𝑧 𝑑 • 𝑦 𝑑 − 𝑧 𝑑 ቊpositve if 𝑦 𝑑 ≥ 𝑧 𝑑 negative if 𝑦 𝑑 < 𝑧 𝑑 • Sign bit determines the comparison No redundancy • Returns a valid AN-code word because AN-codes are closed under subtractions • AN-code congruence true • How to map the sign bit to a redundant condition value? March 22, 2018 Robert Schilling 14
Protected < Comparison with AN-Codes • Step 2: Condition mapping • 𝑦 𝑑 − 𝑧 𝑑 ቊpositve if 𝑦 𝑑 ≥ 𝑧 𝑑 negative if 𝑦 𝑑 < 𝑧 𝑑 • Map the difference to redundant condition values • Trick: Cast difference to unsigned March 22, 2018 Robert Schilling 15
Protected < Comparison with AN-Codes • Step 2: Condition mapping • 𝑦 𝑑 − 𝑧 𝑑 ቊpositve if 𝑦 𝑑 ≥ 𝑧 𝑑 negative if 𝑦 𝑑 < 𝑧 𝑑 • AN-code congruence still true • 0 ≡ 𝑦 𝑑 − 𝑧 𝑑 𝑣 𝑛𝑝𝑒 𝐵 • No change for positive differences due to the cast March 22, 2018 Robert Schilling 16
Protected < Comparison with AN-Codes • Step 2: Condition mapping • 𝑦 𝑑 − 𝑧 𝑑 ቊpositve if 𝑦 𝑑 ≥ 𝑧 𝑑 negative if 𝑦 𝑑 < 𝑧 𝑑 • (𝑦 𝑑 − 𝑧 𝑑 ) 𝑣 = 2 32 + 𝑦 𝑑 − 𝑧 𝑑 = 2 32 + 𝐵 ∙ (𝑦 − 𝑧) • AN-code congruence not true anymore = (2 32 +𝐵 ∙ 𝑦 − 𝑧 ) 𝑛𝑝𝑒 𝐵 • (𝑦 𝑑 − 𝑧 𝑑 ) 𝑣 𝑛𝑝𝑒 𝐵 ቐ cancels out = 2 32 𝑛𝑝𝑒 𝐵 March 22, 2018 Robert Schilling 17
Protected < Comparison with AN-Codes • Condition mapping • (𝑦 𝑑 − 𝑧 𝑑 ) 𝑣 𝑛𝑝𝑒 𝐵 ቊ0 if 𝑦 𝑑 ≥ 𝑧 𝑑 2 32 𝑛𝑝𝑒 𝐵 if 𝑦 𝑑 < 𝑧 𝑑 • To avoid a zero condition value add a constant 𝐷 March 22, 2018 Robert Schilling 18
Protected < Comparison with AN-Codes • Condition mapping C if 𝑦 𝑑 ≥ 𝑧 𝑑 • (𝑦 𝑑 − 𝑧 𝑑 + C) 𝑣 𝑛𝑝𝑒 𝐵 ቊ 𝐷 + 2 32 𝑛𝑝𝑒 𝐵 if 𝑦 𝑑 < 𝑧 𝑑 • To avoid a zero condition value add a constant 𝐷 • Final algorithm: March 22, 2018 Robert Schilling 19
Protected Comparisons with AN-Codes • Applicable to ≤, >, ≥ by • Swapping the operands of the first subtraction • Swapping the true and false constants • = / ≠ equal comparison assembled using ≤ and ≥ March 22, 2018 Robert Schilling 20
LLVM Compiler Prototype • Annotate functions using attribute protect_branches • Transformation operates on LLVM IR and is target independent 1. Searches conditional branches 2. Slice operands 3. Transform all dependent operations into the AN-code domain 4. Insert protected comparison algorithm • Backend links comparison with CFI mechanism March 22, 2018 Robert Schilling 21
LLVM Compiler Prototype Source Code Emission IR Optimizers Instruction Scheduling Instruction Binary IR IR Code Frontend Selection Back End Middle End March 22, 2018 Robert Schilling 22
Code Source LLVM Compiler Prototype March 22, 2018 Frontend IR IR Optimizers Loop Decoupler Middle End Lower Select Lower Switch Robert Schilling AN Coder IR Instruction Selection Back End CFI Instrumentation Instruction Scheduling Code Emission Binary 23
Evaluation Setting • ARMv7-M instruction set simulator • Software-centered CFI scheme • State updates via store to the memory- mapped CFI unit CMP • AN-code with 6-bit Hamming distance CMP CMP • Compare with duplication (5 times) CMP CMP Error • Benchmarks: integer comparison, Error memcmp, bootloader March 22, 2018 Robert Schilling 24
Evaluation Benchmark Metric CFI Duplication Prototype abs abs + / % abs + / % integer Size / B 12 128 967 86 617 compare Runtime / c 20 91 355 63 215 memcmp Size / B 68 272 300 276 306 Runtime / c 1689 10210 504 8905 427 bootloader 1 Size / B 17252 17672 2.435 Runtime / c 51888k 51888k 0.001 March 22, 2018 Robert Schilling 25
Evaluation Benchmark Metric CFI Duplication Prototype abs abs + / % abs + / % integer Size / B 12 128 967 86 617 compare Runtime / c 20 91 355 63 215 memcmp Size / B 68 272 300 276 306 Runtime / c 1689 10210 504 8905 427 bootloader 1 Size / B 17252 17672 2.435 Runtime / c 51888k 51888k 0.001 March 22, 2018 Robert Schilling 26
Evaluation Benchmark Metric CFI Duplication Prototype abs abs + / % abs + / % integer Size / B 12 128 967 86 617 compare Runtime / c 20 91 355 63 215 memcmp Size / B 68 272 300 276 306 Runtime / c 1689 10210 504 8905 427 bootloader 1 Size / B 17252 17672 2.435 Runtime / c 51888k 51888k 0.001 March 22, 2018 Robert Schilling 27
Recommend
More recommend
