Synthesis of masking countermeasures against side channel attacks

Abstract. We propose a new synthesis method for generating countermeasures for cryptographic software code to mitigate power analysis based side channel at-tacks. Side channel attacks may arise when computers and microchips leak sensi-tive information about the software code and data that they process, e.g., through power dissipation or electromagnetic radiation. Such information leaks have been exploited in commercial systems in the embedded space. Our new method takes an unprotected C program as input and returns a functionally equivalent but side channel leak free new program as output. The new program is guaranteed to be perfectly masked in that all intermediate computation results are made statisti-cally independent from the secret data. We have implemented our new method in a tool based on the LLVM compiler and the Yices SMT solver. Our experiments on a set of cryptographic software benchmarks show that the new method is both effective and scalable for applications of realistic size.