Hardware Assisted Control Flow Obfuscation for Embedded Processors Xiaotong Zhuang, Tao Zhang, Hsien-Hsin S. Lee, Santosh Pande HIDE: An Infrastructure.


1 Hardware Assisted Control Flow Obfuscation for Embedded Processors (Xiaotong Zhuang, Tao Zhang, Hsien-Hsin S. Lee, Santosh Pande); HIDE: An Infrastructure for Efficiently Protecting Information Leakage on the Address Bus (Xiaotong Zhuang, Tao Zhang, Santosh Pande)

2 Overview: Software Obfuscation (obfuscate, v.: render obscure, unclear, or unintelligible; bewilder (someone)). Information Leakage: layout leakage, recurrence leakage. Hardware Obfuscation Techniques.

3 Assumptions: XOM model. Everything outside the processor chip is assumed to be insecure. Memory contents are encrypted.

4 Software Obfuscation (and why it doesn't work): Lacks a theoretical foundation. It has been proven that perfect obfuscation does not exist. May incur large overheads in code size. Performance may be penalized due to carrying out extra computations. History has proven it inefficient.

5 How is Software Obfuscation Vulnerable to Attack? Layout leakage: spatial vicinity. Recurrence leakage: recurring addresses.

6 Layout Leakage [figure with addresses 100, 101, 102, 103, 104]

7 Recurrence Leakage [figure with addresses 100, 101, 102, 103, 104]

8 So What? It's just Control Flow. Control flow information is the essential part of algorithms (example: a competing company). It can help identify reused code. Control obfuscation techniques are well known and can be reversed.

9 Hardware Obfuscation Overview (paper 1): Encrypt the address bus (layout leakage). Relocate blocks every time they are written out to memory (recurrence leakage).

10 Address Bus Encryption: Equates to a fixed mapping.

11 Shuffle Buffer: Designed to reorder all writes to memory. Exclusive to external memory.

12 Shuffle Buffer: Indexed array through the block address table. No address tag. Smaller size / cheaper. Blocks can be stored anywhere. Blocks can be randomly replaced (circuit white noise). Assuming the program binary is updatable, multi-run recurrence is prevented.

13 Block Address Table (BAT) & Cache: Records the current location of blocks. Use the original block address to index into the BAT to get the new address. Worst-case scenario: 10% overhead in virtual memory space. Each access request from the cache checks with the BAT; use a BAT cache to speed things up.

14 How Secure Is This? With a shuffle buffer of 128 blocks, 0.8% chance of guessing one recurrence correctly. For n recurrences the chance of guessing all correctly is 1/(M^n), where M is the size of the shuffle buffer.
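
The shuffle buffer and BAT of slides 11 to 14, as an added simulation that is not from the slides or the paper. It assumes a simplified model in which every fetch from external memory swaps the fetched block with a randomly chosen shuffle-buffer block, which is written to the address just read; the class and function names, the looping workload and the seeded PRNG (standing in for circuit noise) are assumptions.

```python
import random

class ShuffleMemory:
    """Toy model (assumed, simplified): shuffle buffer + block address table."""

    def __init__(self, n_blocks, m_slots, seed):
        self.rng = random.Random(seed)        # stand-in for the circuit-noise source
        self.buffer = list(range(m_slots))    # on-chip slots, no address tags
        # BAT: original block address -> current external address (None = on chip)
        self.bat = {b: None for b in range(m_slots)}
        self.bat.update({b: b - m_slots for b in range(m_slots, n_blocks)})

    def access(self, block):
        """Return (external address read, block written back) or None on a hit."""
        addr = self.bat[block]
        if addr is None:
            return None                       # served on chip, nothing on the bus
        slot = self.rng.randrange(len(self.buffer))
        victim = self.buffer[slot]            # randomly replaced block
        self.buffer[slot] = block
        self.bat[block], self.bat[victim] = None, addr  # victim relocated to addr
        return addr, victim

def run(n_blocks=1024, m_slots=128, rounds=200, seed=1):
    mem = ShuffleMemory(n_blocks, m_slots, seed)
    fetched_from = {}                         # block -> addresses it was read from
    guesses = correct = 0
    prev = None
    for _ in range(rounds):
        for block in range(n_blocks):         # a loop body: every block recurs
            event = mem.access(block)
            if event is None:
                continue
            addr, victim = event
            fetched_from.setdefault(block, set()).add(addr)
            if prev is not None:              # observer guesses that the block
                guesses += 1                  # written back is the previous fetch
                correct += victim == prev
            prev = block
    mean_addrs = sum(map(len, fetched_from.values())) / len(fetched_from)
    return correct / guesses, mean_addrs

if __name__ == "__main__":
    rate, mean_addrs = run()
    print(f"guess success {rate:.4f} (1/M = {1/128:.4f}), "
          f"mean distinct addresses per block {mean_addrs:.1f}")
```

With a fixed mapping (address bus encryption alone) each block would be fetched from a single address on every recurrence; here the same block shows up at many addresses and a fixed guess about which block was written back succeeds at about 1/M.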

15 Performance/Cost Summary: Performance degradation can be below 1%. Hardware costs consist of a small on-chip shuffle buffer and BAT cache.

16 HIDE (Hardware-support for Leakage-Immune Dynamic Execution): Basic idea is to break the correlation between repeated memory addresses. Achieved by permuting the address space at suitable intervals during execution.

17 HIDE Cache: The same as a normal cache, except that blocks fetched after the previous permutation are all locked. A locked block cannot be replaced until the memory space it belongs to is permuted again.

18 How The Hide Cache Works

19 Other Details: When evicting a block, choose the least recently used block among the unlocked blocks. A separately stored bitmap is used to record whether a block is locked or not.
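
The locking and eviction rules of slides 16 to 19, as an added simulation that is not from the slides or the paper. It assumes a single read-only chunk and that a permutation is triggered when a replacement is needed and every cached block is locked; write-backs and the bus traffic of the permutation itself are not modelled, and all names are assumptions.

```python
import random
from collections import OrderedDict

class HideCache:
    """Toy model (assumed, simplified) of one HIDE-protected chunk and its cache."""

    def __init__(self, chunk_blocks, lines, seed):
        self.rng = random.Random(seed)
        self.perm = list(range(chunk_blocks))  # logical block -> external address
        self.lines = lines
        self.cache = OrderedDict()             # block -> lock bit, oldest entry first
        self.epochs = [[]]                     # bus addresses per permutation epoch

    def permute(self):
        self.rng.shuffle(self.perm)            # every block gets a new address
        for block in list(self.cache):
            self.cache[block] = False          # clear the lock bitmap
        self.epochs.append([])

    def access(self, block):
        """Return the external address fetched, or None on a cache hit."""
        if block in self.cache:
            self.cache.move_to_end(block)
            return None
        if len(self.cache) >= self.lines:
            unlocked = [b for b, locked in self.cache.items() if not locked]
            if not unlocked:                   # assumed trigger: only locked blocks left
                self.permute()
                unlocked = list(self.cache)
            del self.cache[unlocked[0]]        # LRU among the unlocked blocks
        addr = self.perm[block]
        self.epochs[-1].append(addr)
        self.cache[block] = True               # fetched since last permutation: locked
        return addr

def run(chunk_blocks=64, lines=16, rounds=50, seed=7):
    hide = HideCache(chunk_blocks, lines, seed)
    addrs_of_block0 = set()
    for _ in range(rounds):
        for block in range(chunk_blocks):      # a loop, so every block recurs
            addr = hide.access(block)
            if block == 0 and addr is not None:
                addrs_of_block0.add(addr)
    no_repeat = all(len(set(e)) == len(e) for e in hide.epochs)
    return no_repeat, len(hide.epochs), len(addrs_of_block0)
```

`run()` returns whether every permutation epoch is free of repeated bus addresses, the number of epochs, and how many different external addresses block 0 was fetched from over the run.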

20 Hardware Flowgraph

21 HIDE at Chunk Level: Chunk: one or more pages that are protected and permuted together. Designed to limit the size of a permutation (large memory permutations = performance cost). At chunk level the permutation unit only permutes the blocks within a chunk. With the smallest chunk size (a page), 75% of transitions from one address to the next are intra-chunk. Chunks can be specified in the code or at runtime with instructions inserted into the header of the binary code.

22 Page Info Cache: Stores the Page Info Record to speed up access.

23 How Secure Is This? With 64K chunk protection and layout optimizations, 87% of the address sequence is protected, in which 95% of the accesses to code and static data are hidden. Interfaces are provided for the compiler or the user to increase the security to achieve almost complete protection.

24 Performance/Cost Summary: The performance overhead in their experiments was at most 1.5%, mainly due to permutations. Most on-chip components are small.

25 References: Xiaotong Zhuang, Tao Zhang, Hsien-Hsin Lee and Santosh Pande. Hardware Assisted Control Flow Obfuscation for Embedded Processors. CASES, Washington DC, Sept. 2004. Zhuang, X., Zhang, T. and Pande, S. HIDE: An Infrastructure for Efficiently Protecting Information Leakage on the Address Bus. International Conference on Architectural Support for Programming Languages and Operating Systems, Boston, MA, Oct. 2004.

