Oblivious Hashing: A Stealthy Software Integrity Verification Primitive

Chen, Yuqun; Venkatesan, Ramarathnam; Cary, Matthew; Pang, Ruoming; Sinha, Saurabh; Jakubowski, Mariusz

doi:10.1007/3-540-36415-3_26

Cited by 69 publications

(59 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…However, solutions requiring hardware modification are unpractical for smart cards. Several works proposed to integrate the checks at software level [26,13,16]. Oh et al [26] only checks the destinations of all jumps.…”

Section: Code Securing and Control Flow Securingmentioning

confidence: 99%

See 1 more Smart Citation

Software Countermeasures for Control Flow Integrity of Smart Card C Codes

Lalande

Heydemann

Berthomé

2014

Computer Security - ESORICS 2014

View full text Add to dashboard Cite

Abstract. Fault attacks can target smart card programs in order to disrupt an execution and gain an advantage over the data or the embedded functionalities. Among all possible attacks, control flow attacks aim at disrupting the normal execution flow. Identifying harmful control flow attacks as well as designing countermeasures at software level are tedious and tricky for developers. In this paper, we propose a methodology to detect harmful intra-procedural jump attacks at source code level and to automatically inject formally-proven countermeasures. The proposed software countermeasures defeat 100% of attacks that jump over at least two C source code statements or beyond. Experiments show that the resulting code is also hardened against unexpected function calls and jump attacks at assembly level.Keywords: control flow integrity, fault attacks, smart card, source level IntroductionSmart cards or more generally secure elements are essential building blocks for many security-critical applications. They are used for securing host applications and sensitive data such as cryptographic keys, biometric data, pin counters, etc. Malicious users aim to get access to these secrets by performing attacks on the secure elements. Fault attacks consists in disrupting the circuit's behavior by using a laser beam or applying voltage, clock or electromagnetic glitches [5,6,24]. Their goal is to alter the correct progress of the algorithm and, by analyzing the deviation of the corrupted behavior with respect to the original one, to retrieve the secret information [14]. For java card, fault attacks target particular components of the virtual machine [3,4,9].Many protections have therefore been proposed to counteract attacks. Fault detection is generally based on spatial, temporal or information redundancy at hardware or software level. In java card enabled smart cards, software components of the virtual machine can perform security checks [18,20,10].In practice, developers of security-critical applications often manually add countermeasures into an application code. This operation requires knowledge about the target code vulnerabilities. Both these tasks are time-consuming with direct impact on the certification of the product. One harmful consequence of fault attacks is control flow disruption which may bypass some implemented countermeasures. It is difficult for programmers to investigate all possible control flow disruption in order to detect sensitive parts of the code and then investigate how to add countermeasures inside these sensitive parts. Moreover, secure smart cards have strong security requirements that have to be certified by an independent qualified entity before being placed on the market. Certification can rely on a review of source code and the implemented software countermeasures. The effectiveness of software security countermeasures is then guaranteed by the use of a certified compiler [21]. Injecting control flow integrity checks at compile time would require to certify the modified compiler. To avoid this diff...

show abstract

Section: Code Securing and Control Flow Securingmentioning

confidence: 99%

“…These java card approaches rely on the ability to perform runtime checks during the interpretation of the bytecode. For native programs, it is mandatory to include any software countermeasure inside the code, as proposed in [26,13,16].…”

Section: Code Securing and Control Flow Securingmentioning

confidence: 99%

Software Countermeasures for Control Flow Integrity of Smart Card C Codes

Lalande

Heydemann

Berthomé

2014

Computer Security - ESORICS 2014

View full text Add to dashboard Cite

show abstract

“…Other related research is oblivious hashing [5], which interweaves hashing instructions with program instructions and which is able to prove to some extent whether a program operated correctly or not.…”

Section: Tamper Resistancementioning

confidence: 99%

Towards Tamper Resistant Code Encryption: Practice and Experience

Cappaert

Preneel

Anckaert

et al. 2008

Information Security Practice and Experience

View full text Add to dashboard Cite

Abstract. In recent years, many have suggested to apply encryption in the domain of software protection against malicious hosts. However, little information seems to be available on the implementation aspects or cost of the different schemes. This paper tries to fill the gap by presenting our experience with several encryption techniques: bulk encryption, an ondemand decryption scheme, and a combination of both techniques. Our scheme offers maximal protection against both static and dynamic code analysis and tampering. We validate our techniques by applying them on several benchmark programs of the CPU2006 Test Suite. And finally, we propose a heuristic which trades off security versus performance, resulting in a decrease of the runtime overhead.

show abstract

“…Chen et al [13] propose oblivious hashing, which involves compile-time code modifications resulting in the computation of a running trace of the execution history of a program. Here a trace is a cumulative hash of the values of a subset of expressions which occur within the normal program execution.…”

Section: Software Tamper Resistancementioning

confidence: 99%