Title :
The MEET Approach: Securing Cryptographic Embedded Software Against Side Channel Attacks
Author :
Agosta, Giovanni ; Barenghi, Alessandro ; Pelosi, Gerardo ; Scandale, Michele
Author_Institution :
Dept. of Electron., Inf. & Bioeng., Politec. di Milano, Milan, Italy
Abstract :
We propose an efficient and effective method to secure software implementations of cryptographic primitives on low-end embedded systems against passive side channel attacks relying on the observation of power consumption or electro-magnetic emissions. The proposed approach exploits a modified LLVM compiler toolchain to automatically generate a secure binary characterized by a randomized execution flow. We improve the current state-of-the-art in dynamic executable code countermeasures, removing the requirement of a writable code segment and reducing the countermeasure overhead. Also, we provide a new method to refresh the random values employed in the share splitting approaches to lookup table protection. Finally, we devise an automated approach to protect spill actions onto the main memory, which are inserted by the compiler backend register allocator when there is a lack of available registers, thus removing the need for manual assembly inspection. We report a validation of the performances of our approach on all the current ISO-standard block ciphers, employing an ARM Cortex-M4 based microcontroller as the validation platform.
Keywords :
cryptography; electromagnetic fields; embedded systems; microcontrollers; optimising compilers; power consumption; table lookup; ARM Cortex-M4 based microcontroller; ISO-standard block ciphers; MEET approach; compiler backend register allocator; cryptographic embedded software; cryptographic primitives; dynamic executable code countermeasures; electromagnetic emissions; lookup table protection; low-end embedded systems; manual assembly inspection; modified LLVM compiler toolchain; passive side channel attacks; power consumption observation; randomized execution flow; share splitting approach; side channel attacks; Ciphers; Hardware; Optimization; Power demand; Registers; Automated Countermeasure Application; Automated countermeasure application; Code Morphing; Compilers; Side Channel Attacks; code morphing; compilers; side channel attacks (SCAs);
Journal_Title :
Computer-Aided Design of Integrated Circuits and Systems, IEEE Transactions on
DOI :
10.1109/TCAD.2015.2430320