Custom Instruction Support for Modular Defense Against Side-Channel and Fault Attacks

The design of software countermeasures against active and passive adversaries is a challenging problem that has been addressed by many authors in recent years. proposed solutions adopt theoretical foundation (such as leakage model) but often do not offer concrete reference implementations to validate the foundation. Contributing experimental dimension this body work, we propose customized processor called SKIVA supports experiments with broad range implementation attacks. Based on bitslice programming advances literature, offers flexible modular combination power-based timing-based side-channel fault injection. Multiple configurations protection enable programmer select desired number shares redundancy level for each slice. Recurring security-sensitive operations are supported hardware through custom instruction-set extensions. new instructions support bitslicing, secret-share generation, redundant logic computation, detection. We demonstrate analyze multiple versions AES from analysis fault-injection perspective, addition providing detailed performance evaluation protected designs. To our knowledge, first validated end-to-end bitslice-oriented countermeasure.