TY - GEN
T1 - High-Level Synthesis for side-channel defense
AU - Konigsmark, S. T.Choden
AU - Chen, Deming
AU - Wong, Martin D.F.
N1 - Publisher Copyright:
© 2017 IEEE.
PY - 2017/7/28
Y1 - 2017/7/28
N2 - The Internet of Things (IoT) and cloud computing rely on strong confidence in security of confidential or highly privacy sensitive data. Therefore, side-channel leakage is an important threat, but countermeasures require expert-level security knowledge for efficient application, limiting adoption. This work addresses this need by presenting the first High-Level Synthesis (HLS) flow with primary focus on side-channel leakage reduction. Minimal security annotation to the high-level C-code is sufficient to perform automatic analysis of security critical operations with corresponding insertion of countermeasures. Additionally, imbalanced branches are detected and corrected. For practicality, the flow can meet both resource and information leakage constraints. The presented flow is extensively evaluated on established HLS benchmarks and a general IoT benchmark. Under identical resource constraints, leakage is reduced between 32% and 72% compared to the reference. Under leakage target, the constraints are achieved with 31% to 81% less resource overhead.
AB - The Internet of Things (IoT) and cloud computing rely on strong confidence in security of confidential or highly privacy sensitive data. Therefore, side-channel leakage is an important threat, but countermeasures require expert-level security knowledge for efficient application, limiting adoption. This work addresses this need by presenting the first High-Level Synthesis (HLS) flow with primary focus on side-channel leakage reduction. Minimal security annotation to the high-level C-code is sufficient to perform automatic analysis of security critical operations with corresponding insertion of countermeasures. Additionally, imbalanced branches are detected and corrected. For practicality, the flow can meet both resource and information leakage constraints. The presented flow is extensively evaluated on established HLS benchmarks and a general IoT benchmark. Under identical resource constraints, leakage is reduced between 32% and 72% compared to the reference. Under leakage target, the constraints are achieved with 31% to 81% less resource overhead.
KW - High-Level Synthesis
KW - Security
KW - Side-Channel Leakage
UR - http://www.scopus.com/inward/record.url?scp=85028084773&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85028084773&partnerID=8YFLogxK
U2 - 10.1109/ASAP.2017.7995257
DO - 10.1109/ASAP.2017.7995257
M3 - Conference contribution
AN - SCOPUS:85028084773
T3 - Proceedings of the International Conference on Application-Specific Systems, Architectures and Processors
SP - 37
EP - 44
BT - 2017 IEEE 28th International Conference on Application-Specific Systems, Architectures and Processors, ASAP 2017
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 28th IEEE International Conference on Application-Specific Systems, Architectures and Processors, ASAP 2017
Y2 - 10 July 2017 through 12 July 2017
ER -