Code Monkey home page Code Monkey logo

asm_maskedaes's Introduction

A Thumb Assembly based Byte-wise Masked AES implementation

This projected is funded by the H2020 project REASSURE, currently maintaining by Si Gao.

The skeleton of this implementation comes from one of Dr. David McCann's test example for ELMO. The original version was written in Thumb assembly (GNU syntax), covering only the first round encryption. For various reasons, I have extended it to a full 10-round masked implementation.

Unlike other implementations, the purpose of this implementation is to test what kind of leakage a Cortex M0 core could create in practice. This means not only this masked implementation has been tested by TVLA on a realistic M0 core, but also all assembly code has been customized to avoid any unexpected leakage. In other words, this is a "security-first" implementation: you might notice that although it is written in assembly, the encryption latency is not significantly better than other C-based implementations.

Note that this implementation is actually customized for a specific M0 core (NXP LPC 1114). Although many cores may have the same leakage behavior, there is no way to claim security for any core that has not been tested. Users may have to verify on their target platforms that whether the "patches" here are effective (or not).

Thumb-based Masked AES

Scheme

The byte-wise implementation follows a well-known textbook example scheme. As said before, several security "patches" have been added to make it 1st order secure on that specific M0 core. Details can be found in the scheme introduction.

Security Evaluation

We have performed 1st order standard CRI TVLA test with 1 million traces on an NXP LPC1114 (Cortex M0) core.

Ttest results

Note that according to the CRI's standard, only the same leakage samples show up in both attempts as "leaky" with the same polarity will be counted as leakage.

Corresponding experiment setups can be found in Setup.md .

Security Evaluation based on simulation

Simulation results based on our Cortex M0-based power simulator ELMO have been added to the new directory named "ELMO".

ELMO Ttest results

Attention: although this one does not show 1st order leakage, this is BY NO MEANS secure by itself! 1st order protection will not defeat 2nd order attack, which is indeed quite easy here.

asm_maskedaes's People

Contributors

gs1989 avatar

Watchers

avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.