Improving the security of processors against cyberattacks

€65 million, 200 researchers, 26 academic establishments... The Cybersecurity PEPR was created as part of the France 2030. Led by the CEA, the CNRS and Inria, it includes 10 basics projects for industry and government organisations.

For this project, the scientists are using RISC-V. The scientist, Ronan Lashermes, at the High-Security Laboratory LHS^[1] in Rennes, explains:

Furthermore, RISC-V is supported not only by a large community of researchers, including Inria, but also leading companies such as Google and Intel in the USA and Thales, in France.

Fault injection attacks

The Arsene project^[2] focuses on improving the security of two types of RISC-V processors. The first is a 32-bit processor. "This is the equivalent of a microcontroller, the kind of simple little processor you find in household appliances and smart objects. They are difficult to protect against physical attacks because the attacker can steal the object and then subject it to fault injection attacks. This means that the processor must be fault-tolerant, but we also need to prove that this protection works, which requires applying formal methods to the hardware." This part involves researchers from  Taran^[3], a team from Rennes working on the optimisation and resilience of specialised microarchitectures. The work is coordinated by Simon Rokicki.

The scientists of the Taran team have also developed expertise in DBT (Dynamic Binary Translation), a technique that takes an external instruction set and converts it into one that is optimised for hardware accelerators. In the context of the project, the aim is to achieve a translation to an instruction set with specific security properties, which will allow certain critical operations to be executed several times to prevent error.

Spectre: a conceptual vulnerability

The second processor is a 64-bit application processor, like those used in desktops and mobile phones. It will be a demonstrator in an FPGA reprogrammable circuit.

Here, the researchers are specifically interested in Spectre, a conceptual vulnerability in modern processors. “These processors are in constant pursuit of speed. To improve their performance, they use a technique called speculative execution. When the processor has to make a choice that depends on a condition, it can take a long time to retrieve the information about this condition, such as knowing whether it is true or false, especially if it is waiting for the results of a particularly long division or data that is stored deep in the system’s memory. Instead of waiting for a very long time, the processor speculates by guessing the result of this branch and continuing its execution during a certain lapse of time, which can be fairly long, in the order of several hundred instructions. At the end, if its prediction was correct, it will have saved a lot of time. However, if it was wrong, it must go back and continue as though it had never executed all the instructions during the speculative execution.”

There is one problem, however: “when it goes back, the processor cannot erase all the traces left by the execution. This is where the Spectre vulnerability comes in: an attacker can attempt to use the information contained in these traces.” One way of mitigating this risk is to stop the speculative execution if it is likely to reveal traces of sensitive information.

© Inria / TARAN

Bringing developers into the loop

The scientists also want to include a key player in the security loop: the developer. “Currently, developers are faced with the problem of the ergonomics of their tools. For example, when they write code in C, the language has no way of telling them: ‘caution, this or that variable is secret and must be used in such-and-such a way’. We want to give developers the means to exercise greater control over what they do so that compilation can be managed in a better way. We would also like the compiler to be able to automatically infer that a piece of data is secret and generate instructions accordingly."  This part of the project will be carried out by Pacap ^[4] the second Rennes team involved in the work, composed of specialists in processor architecture and compilation.

^[1] The LHS is a joint laboratory between the Brittany region, the DGA, Inria, CentraleSupelec and the CNRS and is part of the Cyber Excellence Cluster (PEC).

^[2] Led by the CEA (LCYL, LFIM, LSCO), the Arsene consortium involves some 80 scientists from around 20 institutions, including the CNRS (Lab-STICC, LIRMM, LHC)), Inria (LHS, Taran, Pacap), IMT Mines Saint-Étienne (SAS, SSH), Université Grenoble Alpes (LCIS, TIMA, Verimag), Jean Monnet University in Saint-Etienne, the University of Rennes, UBO, UBS,  Ensta Bretagne, TelecomParisTech, INP Grenoble and TelecomParisTech.  Arsene stands for Architecture SEcurisées pour le Numérique Embarqué (Secure Architecture for Embedded Digital Systems).

^[3] Taran is a joint team between Inria, the University of Rennes and ENS Rennes, in collaboration with Irisa.

^[4] Pacap is a joint team between Inria and the University of Rennes, in collaboration with Irisa.