Side channel and invasive attacks on a secure code execution computer architecture

Abstract

Tamper-resistance and tamper-evidence for Internet of Things (IoT) devices will be required in many applications. These properties can be achieved by secure code execution, which means to provide authenticity and integrity for programs that will run in IoT devices. We recently proposed Computer Security by Hardware-Intrinsic Authentication (CSHIA), a computer architecture solution for secure code execution. CSHIA relies on generating and verifying authentication tags that are created through a random cryptographic key uniquely extracted from Physical Unclonable Functions (PUFs) in each IoT device. However, PUFs depend on post-processing schemes, like Fuzzy Extractors, which are susceptible to side channel and semi-invasive attacks. If those attacks succeed, the unique device's key can be exposed and the security broken. In order to strengthen CSHIA's security, new countermeasures against side channel and semi-invasive attacks in Fuzzy Extractors have to be devised. Currently, we have proposed a side channel countermeasure that overcomes many limitations of the current known countermeasure and now we aim at improving it and thinking up solutions against semi-invasive attacks. (AU)