Hardware Assisted Control Flow Obfuscation for Embedded Processors Xiaoton Zhuang, Tao Zhang, Hsien-Hsin S. Lee, Santosh Pande HIDE: An Infrastructure for Efficiently Protecting Information Leakage on the Address Bus Xiaoton Zhuang, Tao Zhang, Santosh Pande
Overview Software Obfuscation Obfuscate - v - render obscure, unclear, or unintelligible - bewilder (someone) Information Leakage Layout leakage Recurrence leakage Hardware Obfuscation Techniques
Assumptions XOM model Everything outside the processor chip is assumed to be insecure Memory contents are encrypted
Software Obfuscation (and why it doesn’t work) Lacks of theoretical foundation It has been proven the perfect obfuscation does not exist May incur large overheads in code size Performance may be penalized due to carrying out extra computations History has proven it inefficient
How is Software Obfuscation Vulnerable to Attack ? Layout Leakage Spatial vicinity Recurrence Leakage Recurring addresses
Layout Leakage
Recurrence Leakage
So What? It’s just Control Flow. Control flow info is the essential part of algorithms Competing company ex. Can help identify reuse code Control obfuscation techniques are well known and can be reversed
Hardware Obfuscation Overview (paper 1) Encrypt the Address Bus (layout leakage) Relocate blocks every time they are written out to memory (recurrence leakage)
Address Bus Encryption Equates to a fixed mapping
Shuffle Buffer Designed to reorder all writes to memory Exclusive to external memory
Shuffle Buffer Indexed array through the block address table No address tag Smaller size / cheaper Blocks can be stored anywhere Blocks can be randomly replaced (circuit white noise) Assume program binary updatable then multi- run recurrence prevented
Block Address Table (BAT) & Cache Records the current location of blocks Use original block address to index into BAT to get new address Worst case scenario 10% overhead in virtual memory space Each access request from cache checks with BAT use BAT cache to speed things up
How Secure Is This? With a shuffle buffer of 128 blocks 0.8% chance of guessing one recurrence correctly For n-recurrences the chance of guessing all correctly is 1/(M^n) where M is the size of the shuffle buffer
Performance/Cost Summary Performance degradation can be below 1% Hardware costs consist of small on chip shuffle buffer and BAT cache
HIDE (Hardware-support for Leakage-Immune Dynamic Execution) Basic idea is to break the correlation between repeated memory addresses Achieved by permuting the address space at suitable intervals during execution
Hide Cache A cache same as a normal cache except that that blocks fetched after the previous permutation are all locked A locked block cannot be replaced until the memory space they belong to is permuted again
How The Hide Cache Works
Other Details When evicting a block choose the least recently used block among the unlocked blocks A separately stored bitmap is used to record whether a block is locked or not
Hardware Flowgraph
HIDE at Chunk Level Chunk - one or more pages that are protected and permuted together Designed to limit size of permutation Large memory permutations = performance cost At chunk level the permutation unit only permutes all the blocks within a chunk With the smallest chunk size (a page) 75% of transition from one address to the next are intra-chunk Chunks can be specified in the code or at runtime with instructions inserted into the header of the binary code
Page Info Cache Stores the Page Info Record to speed up access
How Secure Is this? With 64K chunk protection and layout optimizations, 87% of address sequence is protected, in which 95% of the accesses to code and static data are hidden Interfaces are provided for the compiler or the user to increase the security to achieve almost complete protection
Performance/Cost Summary The performance overhead in their experiments was at most 1.5% mainly due to permutations Most on chip components are small
References Xiaotong Zhuang, Tao Zhang, Hsien-Hsin Lee and Santosh Pande. Hardware Assisted Control Flow Obfuscation for Embedded Processors. CASES, Washington DC, Sept Hardware Assisted Control Flow Obfuscation for Embedded Processors. Zhuang, X., Zhang, T. and Pande, S. HIDE: An Infrastructure for Efficiently Protecting Information Leakage on the Address Bus. International Conference on Architectural Support for Programming Languages and Operating Systems, Boston, MA., Oct 2004.HIDE: An Infrastructure for Efficiently Protecting Information Leakage on the Address Bus.