Can code polymorphism limit information leakage?

Antoine Amarilli; Sascha Müller; David Naccache; Daniel Page; Pablo Rauzy; Michael Tunstall

doi:10.1007/978-3-642-21040-2_1

Can code polymorphism limit information leakage?

Antoine Amarilli
, Sascha Müller
, David Naccache
, Daniel Page
, Pablo Rauzy
, Michael Tunstall

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

In addition to its usual complexity assumptions, cryptography silently assumes that information can be physically protected in a single location. As one can easily imagine, real-life devices are not ideal and information may leak through different physical side-channels. It is a known fact that information leakage is a function of both the executed code F and its input x. In this work we explore the use of polymorphic code as a way of resisting side channel attacks. We present experimental results with procedural and functional languages. In each case we rewrite the protected code code F _i before its execution. The outcome is a genealogy of programs F₀,F ₁,... such that for all inputs x and for all indexes i ≠ j ⇒ F_i(x) = F_j(x) and F_i ≠ F_j. This is shown to increase resistance to side channel attacks.

Original language	English
Title of host publication	Information Security Theory and Practice
Subtitle of host publication	Security and Privacy of Mobile Devices in Wireless Communication - 5th IFIP WG 11.2 International Workshop, WISTP 2011, Proceedings
Pages	1-21
Number of pages	21
DOIs	https://doi.org/10.1007/978-3-642-21040-2_1
Publication status	Published - 20 Jun 2011
Event	5th Workshop in Information Security Theory and Practice, WISTP 2011 - Heraklion, Crete, Greece Duration: 1 Jun 2011 → 3 Jun 2011

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	6633 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	5th Workshop in Information Security Theory and Practice, WISTP 2011
Country/Territory	Greece
City	Heraklion, Crete
Period	1/06/11 → 3/06/11

Access to Document

10.1007/978-3-642-21040-2_1

Cite this

Amarilli, A., Müller, S., Naccache, D., Page, D., Rauzy, P., & Tunstall, M. (2011). Can code polymorphism limit information leakage? In Information Security Theory and Practice: Security and Privacy of Mobile Devices in Wireless Communication - 5th IFIP WG 11.2 International Workshop, WISTP 2011, Proceedings (pp. 1-21). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 6633 LNCS). https://doi.org/10.1007/978-3-642-21040-2_1

Amarilli, Antoine ; Müller, Sascha ; Naccache, David et al. / Can code polymorphism limit information leakage?. Information Security Theory and Practice: Security and Privacy of Mobile Devices in Wireless Communication - 5th IFIP WG 11.2 International Workshop, WISTP 2011, Proceedings. 2011. pp. 1-21 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{32ebdededf1b402ba64938f1dbb5fad8,

title = "Can code polymorphism limit information leakage?",

abstract = "In addition to its usual complexity assumptions, cryptography silently assumes that information can be physically protected in a single location. As one can easily imagine, real-life devices are not ideal and information may leak through different physical side-channels. It is a known fact that information leakage is a function of both the executed code F and its input x. In this work we explore the use of polymorphic code as a way of resisting side channel attacks. We present experimental results with procedural and functional languages. In each case we rewrite the protected code code F i before its execution. The outcome is a genealogy of programs F0,F 1,... such that for all inputs x and for all indexes i ≠ j ⇒ Fi(x) = Fj(x) and Fi ≠ Fj. This is shown to increase resistance to side channel attacks.",

author = "Antoine Amarilli and Sascha M{\"u}ller and David Naccache and Daniel Page and Pablo Rauzy and Michael Tunstall",

year = "2011",

month = jun,

day = "20",

doi = "10.1007/978-3-642-21040-2\_1",

language = "English",

isbn = "9783642210396",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

pages = "1--21",

booktitle = "Information Security Theory and Practice",

note = "5th Workshop in Information Security Theory and Practice, WISTP 2011 ; Conference date: 01-06-2011 Through 03-06-2011",

}

Amarilli, A, Müller, S, Naccache, D, Page, D, Rauzy, P & Tunstall, M 2011, Can code polymorphism limit information leakage? in Information Security Theory and Practice: Security and Privacy of Mobile Devices in Wireless Communication - 5th IFIP WG 11.2 International Workshop, WISTP 2011, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 6633 LNCS, pp. 1-21, 5th Workshop in Information Security Theory and Practice, WISTP 2011, Heraklion, Crete, Greece, 1/06/11. https://doi.org/10.1007/978-3-642-21040-2_1

Can code polymorphism limit information leakage? / Amarilli, Antoine; Müller, Sascha; Naccache, David et al.
Information Security Theory and Practice: Security and Privacy of Mobile Devices in Wireless Communication - 5th IFIP WG 11.2 International Workshop, WISTP 2011, Proceedings. 2011. p. 1-21 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 6633 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review