Side-Channel Mitigation via Hardware Synthesis Tools
Bachelor Thesis
Motivation
Side-channel attacks pose a severe threat to software implementations of cryptographic primitives. Side-channels are unintentional information channels of programs that may leak sensitive information to attackers, e.g. when performing secret-dependent cache accesses [1]. Luckily, cache side-channels can effectively mitigated by transforming programs into circuit-based implementations where secret-dependent branching and memory accesses are eliminated. The ENCRYPTO and MAIS group recently proposed the Ricasi framework [2] that combines program analysis and circuit compilation to protect regular C implementations against cache side-channels. Ricasi leverages circuit-compilation technology from the HyCC framework [3]. Unfortunately, Ricasi introduces significant overhead in terms of run-time and binary size.
Goal
The goal is work is to effectively mitigate cache side-channels by utilizing Hardware Synthesis Tools to produce optimized circuit-based binaries from high-level languages like C/C++. To this end, we aim to use High-Level Synthesis (HLS) tools [4] and gradually lower the code to circuit-level before further Ricasi back-end compilation. The optimizations should be evaluated by hardening implementations of cryptographic operations such as AES, DES, 3DES, Camellia, and RSA that were shown to be vulnerable to cache side-channel attacks. More concretely, the C code implementations of cryptographic operations should be compiled with state-of-the-art circuit HLS tools.
Benefits:
WithENCRYPTO and MAIS, you have the opportunity to work at the forefront of research, combining hot topics from applied cryptography and formal program analysis. You can significantly get extensive insights into top research, where you can actively participate and contribute. Additionally, you can improve your practical coding skills and enhance your CV for future applications in industry or research.
Requirements
- At least basic programming skills in C/C++
- High motivation to independently extend the HLS tools
- At least basic knowledge of cryptography
- High motivation + ability to work independently
- Knowledge of the English language, Git, LaTeX, etc. goes without saying
References
- [1] P. Borrello, D.C. D’Elia, L. Querzoni, and C. Giuffrida. Constantine: Automatic Side-Channel Resistance Using Efficient Control and Data Flow Linearization. In CCS, 2021.
- [2] H. Mantel, L. Scheidel, T. Schneider, A. Weber, C. Weinert, and T. Weißmantel. RiCaSi: Rigorous Cache Side Channel Mitigation via Circuit Compilation (opens in new tab). In CANS, 2020.
- [3] N. Büscher, D. Demmler, S. Katzenbeisser, D. Kretzmer, T. Schneider. HyCC: Compilation of Hybrid Protocols for Practical Secure Computation (opens in new tab). In CCS, 2018.
- [4] S. Lahti, P. Sjövall, and J. Vanne. Are we there yet? A study on the state of high-level synthesis. IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems, 2019.
Supervisors
- Hossein Yalame, M.Sc. ( yalame@encrypto.cs.tu-…)
- Prof. Dr.-Ing. Thomas Schneider
