Skip to content

SideLine is a novel power side-channel vector based on delay-line components widely implemented in high-end SoC.

Notifications You must be signed in to change notification settings

Remote-HWA/SideLine_Zynq

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
 
 
 
 
 
 
 
 

Repository files navigation

SideLine - How Delay-Lines (May) Leak Secrets from your SoC

About SideLine

SideLine is a novel side-channel vector based on delay-line components widely implemented in high-end SoCs. In the associated paper, we provide a detailed method on how to access and convert delay-line data into power consumption information and we demonstrate that these entities can be used to perform remote power side-channel attacks. We report experiments carried out on two SoCs from distinct vendors and we recount several core-vs-core attack scenarios in which an adversary process located in one processor core aims at eavesdropping the activity of a victim process located in another core. For each scenario, we demonstrate the adversary ability to fully recover the secret key of an OpenSSL AES running in the victim core. Even more detrimental, we show that these attacks are still practicable if the victim or the attacker program runs over an operating system.

Figure 1: The three attack scenarios presented in SideLine

Content

This repository contains:

  • A detailed tutorial on how to build the first SideLine attack scenario as illustrated in Figure 1.a). Source codes, tutorials and other resources are located in the folder attack_setup.

  • DLL datasets for AES and RSA side-channel attacks and Python scripts for data treatment, Correlation Power Analysis and Simple Power Analysis. These resources are located in the folder attack_results.

Reproduce SideLine

SideLine on AES

The attack is conducted on a Xilinx Zynq-7000 SoC in baremetal mode. Two C programs (attacker and victim) are implemented in two different physical cores (AP#0 and AP#1).

  • The victim source code contains the OpenSSL AES crypto implementation. It is used as an encryption service by the attack program.
  • The attack source code contain several methods which configure the encryption mode and uses DMA and DLL to perform SCA on the algorithms running in the victim program.
  • The AES attack tutorial is available in AES_setup

SideLine on RSA (new!)

The attack is conducted on a Xilinx Zynq-7000 SoC in baremetal mode. A C program handles the RSA calculation and the DLL acquisition.

  • Several custom RSAs are implemented (naive, constant time, montgomery ladder). WolfSSL crypto library was used to develop the different RSA variants.
  • The RSA attack tutorial is available in RSA_setup

The SideLine Database

A complete database containing DLL acquisitions for AES and RSA can be found in the latest release.

Attack Results

  • Python scripts located in AES_results and RSA_results can be used to perform SPA and CPA attacks. These scripts can be directly used with the database file or with your own experimentation files.

Requirements

  • A Xilinx Zynq-7000 SoC based development board
  • Working installations of Vivado, Vitis and python3

About

SideLine is a novel power side-channel vector based on delay-line components widely implemented in high-end SoC.

Topics

Resources

Stars

Watchers

Forks

Packages

No packages published

Languages