MASKING THE INSTRUCTIONS OF A MICROCONTROLLER USING A CHAOTIC POWER SUPPLY

BULETINUL INSTITUTULUI POLITEHNIC DIN IAŞI
Publicat de Universitatea Tehnică Gheorghe Asachi din Iaşi
Tomul LIX (LXIII), Fasc. 1, 2013
Secţia ELECTROTEHNICĂ. ENERGETICĂ. ELECTRONICĂ

MASKING THE INSTRUCTIONS OF A MICROCONTROLLER USING A CHAOTIC POWER SUPPLY

BY EMANUEL-FLORIN IFTENE 1 and HORIA-NICOLAI TEODORESCU *1,2 (Corresponding Member of the Romanian Academy)

1 Gheorghe Asachi Technical University of Iaşi, Faculty of Electronics, Telecommunications and Information Technology
2 Institute of Computer Science of the Romanian Academy, Iaşi Branch
* Corresponding author: e-mail: hteodor@etti.tuiasi.ro

Received: March 5, 2013
Accepted for publication: March 29, 2012

Abstract. A protection method is proposed that injects fault currents into the power supply lines of a microsystem by means of a power source controlled by a chaotic generator. This preliminary, short paper studies the efficiency of this method in masking the pattern of executed instructions on an 8-bit microcontroller.

Key words: side attack; power analysis; microcontroller; DPA; SPA.

1. Introduction

Embedded systems are subject to side attacks, in particular power analysis attacks such as Simple Power Analysis (SPA) or Differential Power Analysis (DPA), that reveal and extract sensitive data from microsystems. Power analysis was first introduced in the late 1990s as a method to analyse and minimize the power consumption of microsystems. Kocher et al. (2012) showed that this method could be used by an attacker to reveal sensitive data from microsystems. This kind of attack is named simple power analysis or differential power analysis, depending on the details of the attack.

This analysis relies on the internal circuits of the microcontrollers, which are simple to complex switching CMOS gates; the current depends on the number of gates switching during each performed operation. Because logic CMOS gates absorb current from the power supply mostly on transitions from logic level 0 to logic level 1, and because one instruction activates a pre-defined number of gates, it follows that each executed instruction has its own unique pattern. Thus, each instruction has its own signature, partly changed by the data manipulated.

2. Protection Method

2.1. Setup

The proposed protection method aims to mask the instructions performed by the system. It makes use of the empirically determined ability of microcontrollers (we tested only the PIC 16 series) to operate properly under relatively large fluctuations of the power supply. The protection consists in using the chaotic signal to control the voltage drop on a series transistor, thus modifying the current consumption seen by the attacker.

Fig. 1 represents a simplified diagram for the method implementation and for power analysis, simple or differential. It consists of a power supply for the microsystem, a digital oscilloscope for recording the data, and a series resistor, R1 = 50 Ω, used for measuring the voltage drop resulting from the current variations during the execution of the program by the microsystem. The PIC16F877A-I/P microcontroller was used for the experiments.

[Fig. 1. Block schematics of the protection method. Blocks: (A) laboratory power supply source; (B) voltage regulator controlled by chaotic generator; (C) chaotic signal generator; (D) development board for PIC16F877A-I/P; (E) digital oscilloscope Tektronix TDS3012; series resistor R1 on the VDD line.]

The block schematic in Fig. 1 is composed of a laboratory power supply (A) that provides the necessary voltage for the voltage regulator (B), which is a variable voltage supply; a chaotic signal generator (C) that controls the voltage switching of the voltage supply (B); the resistor R1, used as a current-to-voltage sensor; a digital oscilloscope (E) that measures the voltage signal across the resistor R1; and a development board (D) based on the PIC16F877A-I/P microcontroller.

2.2. Masking Method Based on Chaotic Generator

The detailed schematic of the chaotic generator used to drive the power supply of the development board was presented and discussed in previous works (Teodorescu, 2010; Teodorescu & Cojocaru, 2011). The resulting waveform of the chaotic generator is presented in Fig. 2. The average frequency of the chaotic generator is about 1 MHz. Fig. 2 illustrates the frequency variations produced by the chaotic generator and its annex circuit. An example of variation is marked with the dotted line circle in Fig. 2.

[Fig. 2. Output waveform of the chaotic generator.]

[Fig. 3. Output waveform of the voltage regulator (B).]

The voltage regulator (B) is based on the schematic for voltage regulators with a series transistor. It has two branches for regulating the output voltage and an additional transistor that switches the active branches, according to the amplitude of the command signal received from the chaotic generator. Therefore, the regulator actually modifies the voltage chaotically. The output waveform shown in Fig. 3 is the resulting output voltage of the voltage regulator (B); in Fig. 3, a dotted circle marks the frequency variations injected by the chaotic clock, and two dotted lines mark the amplitude variations of about 1 V of the output voltage.

The output voltage swing is computed based on the voltage range accepted by the PIC16F877A-I/P microcontroller, of min. 3.5 V and max. 5.5 V. Given this range, the first branch of the voltage regulator limits the maximum output voltage at about 5.5 V, while the second branch limits the minimum output voltage at about 4.5 V.

To test the efficacy of this protection method for microsystems, we collected the signals and determined the unperturbed pattern of the instructions executed by the microcontroller, and then the patterns of the same instructions with the power supply perturbed as described.

The test program executes a single instruction repeated in a loop. Using the digital oscilloscope, the current variations on the series resistor are recorded and analysed. Then we repeated the experiments using the proposed protection method from Fig. 1. If the method masks the pattern of the executed instruction efficiently, the resulting waveform should be different from the first case.

2.3. The Test Program

The test program is written in Assembly Language and comprises one single loop that has 100 consecutive andlw instructions; each andlw instruction is executed in a single machine cycle. The test register reg_test manipulated by the instruction andlw has the same value throughout the test program. The resulting value is stored in the accumulator register, W; in this way the resulting pattern is the same and is not affected by the value manipulated by the test register or by the resulting value.

    reg_test = 1010.1010
    W        = 0000.0000
    andlw reg_test
    W        = 0000.0000

    rutina_andlw:
        bsf   led_galben      ; control LED activated
        andlw reg_test        ; execution #1 of the instruction andlw
        andlw reg_test        ; execution #2 of the instruction andlw
        ;...
        andlw reg_test        ; execution #99 of the instruction andlw
        andlw reg_test        ; execution #100 of the instruction andlw
        bcf   led_galben      ; control LED deactivated
        goto  rutina_andlw    ; go to rutina_andlw

In the first case the microcontroller uses the power supply and a quartz-driven clock oscillator at the frequency of 4 MHz. The PIC16F877A-I/P microcontroller uses a four-stage pipeline, namely fetch, decode, execute and write-back, with one clock period for each stage; therefore each single-machine-cycle instruction requires four clock periods. That gives a period of

$$T = \frac{1}{F_{osc}/4} = \frac{4}{4\ \mathrm{MHz}} = 1\ \mu\mathrm{s}$$

per machine cycle.

2.4. Test for Masking Strength

To verify that the microsystem operates correctly with the proposed method of protection (Fig. 1), the program activates a control LED at the beginning of the loop; at the end of the loop the control LED is deactivated. The control LED is connected to port RA2 of the microcontroller with a series resistor that limits the LED current to about 8 mA.

This extra current is seen on the digital oscilloscope as a voltage drop on the series resistor R1 for a period of 3 µs, given by the execution of the instructions bcf and goto at the end of the loop of the test program, as shown in Fig. 4 a, or once per 100 µs, as represented in Fig. 4 b. Fig. 4 a shows the waveform recorded on R1 when the microcontroller is using power from the laboratory power supply; notice the end of the program loop with a marked period of 3 µs and a voltage drop of about 400 mV when the control LED is deactivated.

The waveform in Fig. 4 b was recorded when the microcontroller was using the protection illustrated in Fig. 1, with the power supply controlled by the chaotic generator; the marked time of 100 µs represents the duration of one cycle in the loop of the test program. From this observation we conclude that the microsystem is working correctly with this power supply controlled by the chaotic generator.

[Fig. 4 a. The resulted waveform for a section of the test program (figure annotations: 3 µs, 400 mV).]

[Fig. 4 b. The resulted waveform for the test program (figure annotation: 100 µs).]

3. Results

3.1. Correlation Analysis for andlw Instruction

Consider first that the system operates with a stable clock and a stable power supply (no active protection). The pattern for the andlw instruction under normal conditions is shown in Figs. 5 a and b, top side, in two different running instances. The recorded data was analysed in Matlab using the auto-correlation and correlation functions,

$$C_{xx}[k] = \sum_{i=1}^{n} x[i]\,x[i+k], \qquad C_{xy}[k] = \sum_{i=1}^{n} x[i]\,y[i+k],$$

and the resulting pattern is shown in the bottom panels of Figs. 5 a and b. The digital oscilloscope can store up to 10,000 samples in a single record; therefore, for a time base of 200 ns, 2 μs can be stored, which corresponds to two complete executions of the andlw instruction. The correlation function shown in Figs. 5 a and b (bottom) has a maximum at 1,250 samples, corresponding to one stage of the pipeline, and a maximum at 5,000 samples, which is the period of the executed instruction. We checked that the correlation pattern is the same for different run instances of the test program.

In the second phase of the experiment we used the protection method as in Fig. 1. The resulting waveforms are shown in Figs. 6 a and b. Notice, on the top side of Figs. 6 a and b, that the pattern for the executed instruction, andlw, is different from the pattern in Figs. 5 a and b, and from one instance to another. This is due to the current fault injection from the power supply controlled by the chaotic generator. The bottom side of Figs. 6 a and b shows the resulting correlation patterns; notice that the resulting correlation graph does not reveal the corresponding machine cycle or the period of the pipeline stages.

[Fig. 5 a. Instruction andlw: top side, default pattern; bottom side, autocorrelation pattern; instance run #1.]

[Fig. 5 b. Instruction andlw: top side, default pattern; bottom side, autocorrelation pattern; instance run #2.]

[Figs. 5 a and b, figure annotations on the correlation panels: 1250 samples, 5000 samples.]

[Fig. 6 a. Instruction andlw: top side, resulted pattern with active protection; bottom side, auto-correlation pattern; instance run #2.]

[Fig. 6 b. Instruction andlw: top side, resulted pattern with active protection; bottom side, auto-correlation pattern; instance run #3.]

From the results shown in Figs. 7 a and b, we derive that the default pattern of the andlw instruction with no protection circuit (top side) is different from the pattern of the andlw instruction when the protection circuit is active (middle side). Furthermore, the correlation between two successive waveforms, shown on the bottom side of Figs. 7 a and b, determines neither a period of 1,250 samples nor a period of 5,000 samples (the last one corresponding to one machine cycle), and is different from one instance of execution to another. Based on these observations one can conclude that this protection method is efficient against power analysis attacks based on pattern correlation.

This conclusion was validated for several instructions. A supplementary example is shown in Figs. 8 a and b for the addwf instruction. The test program adds the reg_test register, reg_test = b'00000000', to W. The pattern of the addwf instruction with no protection circuit activated is shown on the top side of Figs. 8 a and b; the middle of Figs. 8 a and b shows the resulting waveform with the protection circuit activated, and the bottom of Figs. 8 a and b depicts the resulting correlation patterns.

[Fig. 7 a. Pattern of the andlw instruction with no protection circuit (top); with protection circuit (middle), instance run #1; correlation (bottom, axis label: Intercorrelation).]

[Fig. 7 b. Pattern of the andlw instruction with no protection circuit (top); with protection circuit (middle), instance run #2; correlation (bottom, axis label: Intercorrelation).]

[Fig. 8 a. Pattern of the addwf instruction with no protection circuit (top); with protection circuit (middle), instance run #3; correlation (bottom, axis label: Intercorrelation).]

[Fig. 8 b. Pattern of the addwf instruction with no protection circuit (top); with protection circuit (middle), instance run #7; correlation (bottom, axis label: Intercorrelation).]

4. Conclusions

This preliminary paper proposes a method for protecting embedded systems against side channel attacks, based on chaotic generators and fault current injection in the power supply lines of the microsystem by means of a power source controlled by a chaotic generator. A comparison between the resulting waveforms, with and without the protection circuit, shows that the method is effective. Detailed results will be given in a paper to be published later.

The authors are listed in alphabetic order. HNT proposed the method, a scheme based on chaotic generators and fault current injection in the power supply lines by means of a power source controlled by a chaotic generator, the protection method in Fig. 1 and the chaotic generator. EFI built all the circuits based on the design and schemes provided by HNT, wrote the test program based on the indications of HNT, participated in the experiment and contributed to writing the paper. The authors declare no conflict of interest. The authors retain the copyright of the paper and will publish later an enlarged, definitive version of this research.

REFERENCES

Kocher P., Jaffe J., Jun B., Introduction to Differential Power Analysis and Related Attacks. Crypt. Res. Inc., www.cryptography.com/public/pdf/dpatechinfo.pdf, accessed Jan. 2012.

Kocher P., Jaffe J., Jun B., Differential Power Analysis. Crypt. Res. Inc., www.cryptography.com/public/pdf/dpa.pdf, accessed Jan. 2012.

Teodorescu H.-N.L., O nouă clasă de circuite haotice bazate pe buclă de reacţie capacitivă. Proc. ICTEI 2010, The 3-rd Int. Conf. Telecomm., Electron. a. Inform., 1, Chişinău, May 20-22, 2010, 319-325.

Teodorescu H.-N.L., Cojocaru V. P., Complex Signal Generators Based on Capacitors and on Piezoelectric Loads. In: C. H. Skiadas, I. Dimotikalis and C. Skiadas (Eds.), Chaos Theory: Modeling, Simulation and Applications. World Sci. Publ. Co., Singapore, 2011, 423-430.
MASKING THE INSTRUCTIONS OF A MICROCONTROLLER USING A CHAOTIC POWER SUPPLY

(Summary)

A protection method for microsystems is proposed, based on injecting a quasi-random signal on the power supply line. A voltage source with a series regulating element is used, whose output voltage is controlled by a chaotic oscillator through the control of its two branches. The aim is that, by injecting noise on the power supply line, the pattern of the instructions executed by the microsystem is modified and becomes visually undetectable when decoded with the autocorrelation function.
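The correlation test of Section 3.1, written out as an added Python example on constructed traces (it is not the authors' Matlab code or their measured data). The traces are decimated to 25 samples per clock period and 100 per machine cycle instead of 1,250 and 5,000, and the protected trace simply adds a two-level offset whose dwell times come from a logistic map, a hypothetical stand-in for the analog chaotic generator and regulator (B). All names and amplitudes in the block are assumptions.

```python
import math

SPC = 25             # samples per clock period (the paper records 1,250)
CYCLE = 4 * SPC      # samples per machine cycle (the paper records 5,000)
STAGE_AMPL = (0.20, 0.04, 0.06, 0.12)  # constructed spike height per clock period
LOW, HIGH = 0.5, 1.5                   # constructed offsets added by the supply


def instruction_trace(n_cycles):
    """Unprotected trace: the same four decaying spikes in every machine cycle."""
    cycle = [a * math.exp(-t / 4.0) for a in STAGE_AMPL for t in range(SPC)]
    return cycle * n_cycles


def chaotic_supply(n, z=0.3, r=3.99):
    """Two-level offset; each dwell lasts 1 to 3 machine cycles, set by a logistic map."""
    out, high = [], False
    while len(out) < n:
        z = r * z * (1.0 - z)
        out.extend([HIGH if high else LOW] * (CYCLE + int(2 * CYCLE * z)))
        high = not high
    return out[:n]


def norm_corr(x, y, max_lag):
    """C_xy[k] = sum_i x[i] * y[i + k] on mean-removed traces, scaled into [-1, 1]."""
    mx, my = sum(x) / len(x), sum(y) / len(y)
    xs, ys = [v - mx for v in x], [v - my for v in y]
    scale = math.sqrt(sum(v * v for v in xs) * sum(v * v for v in ys))
    n = min(len(xs), len(ys))
    return [sum(xs[i] * ys[i + k] for i in range(n - k)) / scale
            for k in range(max_lag + 1)]


def peaks(c, threshold=0.5):
    """Lags k > 0 at which c has a local maximum of at least `threshold`."""
    return [k for k in range(1, len(c) - 1)
            if c[k] >= threshold and c[k - 1] < c[k] >= c[k + 1]]


def masking_report(n_cycles=40, max_lag=150):
    """Autocorrelation of both traces and their cross-correlation, as in Figs. 5 to 7."""
    plain = instruction_trace(n_cycles)
    masked = [p + s for p, s in zip(plain, chaotic_supply(len(plain)))]
    auto_plain = norm_corr(plain, plain, max_lag)
    auto_masked = norm_corr(masked, masked, max_lag)
    cross = norm_corr(plain, masked, max_lag)
    plain_peaks = peaks(auto_plain)
    return {
        "plain_peaks": plain_peaks,
        "plain_dominant_lag": max(plain_peaks, key=lambda k: auto_plain[k]),
        "plain_auto_at_cycle": auto_plain[CYCLE],
        "masked_peaks": peaks(auto_masked),
        "masked_auto_at_cycle": auto_masked[CYCLE],
        "cross_at_cycle": cross[CYCLE],
    }


if __name__ == "__main__":
    for name, value in masking_report().items():
        print(f"{name}: {value}")
```

On the unprotected trace the autocorrelation peaks at lags 25 and 100, the decimated counterparts of the clock period and the machine cycle; a countermeasure evaluation would compare the peak height at the machine-cycle lag before and after protection, on measured traces rather than this model.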