Verifying Software Integrity in Embedded Systems: A Side Channel Approach

Msgna Mehari 1 Markantonakis Konstantinos 1 David Naccache 2, 3 Mayes Keith 1
2 CASCADE - Construction and Analysis of Systems for Confidentiality and Authenticity of Data and Entities
DI-ENS - Département d'informatique de l'École normale supérieure, Inria Paris-Rocquencourt, CNRS - Centre National de la Recherche Scientifique : UMR 8548
Abstract : In the last few decades embedded processors have invaded the modern lifestyle. Embedded systems have hardware and software components. Assuring the integrity of the software is very important as it is the component that controls what the hardware does through its instructions. Although there exist a number of software integrity verification techniques, they often fail to work in embedded environment. One main reason is, the memory read protection, frequently implemented in today’s microprocessors, that prevent the verifier from reading out the necessary software parts. In this paper we show that side channel leakage (power consumption) can be used to verify the integrity of the software component without prior knowledge of the software code. Our approach uses instruction-level power consumption templates to extract information about executed instructions by the processor. Then this information together with pre-computed signatures are used to verify the integrity of the executed application using RSA signature screening algorithm. The instruction-level templates are constructed ahead of time using few authentic reference processors.
Type de document :
Communication dans un congrès
Constructive Side-Channel Analysis and Secure Design, Apr 2014, Paris, France. Springer, COSADE 2014, Lecture Notes in Computer Science 2014, pp.19, 2014, Constructive Side-Channel Analysis and Secure Design. 〈http://link.springer.com/chapter/10.1007%2F978-3-319-10175-0_18〉. 〈10.1007/978-3-319-10175-0_18〉
Liste complète des métadonnées

https://hal.inria.fr/hal-01098381
Contributeur : David Naccache <>
Soumis le : mercredi 24 décembre 2014 - 12:24:45
Dernière modification le : vendredi 25 mai 2018 - 12:02:05

Identifiants

Collections

Citation

Msgna Mehari, Markantonakis Konstantinos, David Naccache, Mayes Keith. Verifying Software Integrity in Embedded Systems: A Side Channel Approach. Constructive Side-Channel Analysis and Secure Design, Apr 2014, Paris, France. Springer, COSADE 2014, Lecture Notes in Computer Science 2014, pp.19, 2014, Constructive Side-Channel Analysis and Secure Design. 〈http://link.springer.com/chapter/10.1007%2F978-3-319-10175-0_18〉. 〈10.1007/978-3-319-10175-0_18〉. 〈hal-01098381〉

Partager

Métriques

Consultations de la notice

235