In this paper, we consider that, in practice, attack scenarios involving side-channel analysis combine two successive phases:an analysis phase, targeting the extraction of information about the target and the identification of possible vulnerabilities;and an exploitation phase, applying attack techniques on candidate vulnerabilities. We advocate that protections need to coverthese two phases in order to be effective against real-life attacks. We present PolEn, a toolchain and a processor architecturethat combine countermeasures in order to provide an effective mitigation of side-channel attacks: as a countermeasure againstthe analysis phase, our approach considers the use of code encryption; as a countermeasure against the exploitation phase,our approach considers the use of code polymorphism, because it relies on runtime code generation, and its combinationwith code encryption is particularly challenging. Code encryption is supported by a processor extension such that machineinstructions are only decrypted inside the CPU, which effectively prevents reverse engineering or any extraction of usefulinformation from memory dumps. Code polymorphism is implemented by software means. It regularly changes the observablebehaviour of the program, making it unpredictable for an attacker, hence reducing the possibility to exploit side-channelleakages. We present a prototype implementation, based on the RISC-V Spike simulator and a modified LLVM toolchain. Inour experimental evaluation, we illustrate that PolEn effectively reduces side-channel leakages. For the protected functionsevaluated, static memory use increases by a factor of 5 to 22, corresponding to the joint application of code encryption andcode polymorphism. The overhead, in terms of execution time, ranges between a factor of 1.8 and 4.6.

翻译：本文认为，在实际攻击场景中，侧信道分析涉及两个连续阶段：分析阶段（针对目标信息提取及潜在漏洞识别）和利用阶段（对候选漏洞施加攻击技术）。我们主张防护措施需覆盖这两个阶段才能有效抵御现实攻击。我们提出PolEn——一种集成对策的工具链与处理器架构，旨在有效缓解侧信道攻击：针对分析阶段，采用代码加密作为对策；针对利用阶段，则采用代码多态作为对策。由于代码多态依赖于运行时代码生成，其与代码加密的结合尤为具有挑战性。代码加密通过处理器扩展实现，确保机器指令仅在CPU内部解密，从而有效防止逆向工程或从内存转储中提取有用信息。代码多态通过软件方式实现，定期改变程序的可观测行为，使其对攻击者不可预测，进而降低利用侧信道泄露的可能性。我们基于RISC-V Spike模拟器与改进的LLVM工具链实现了原型系统。实验评估表明，PolEn有效降低了侧信道泄露。在受保护函数评估中，静态内存使用量增加了5至22倍，这对应于代码加密与代码多态的联合应用。执行时间开销范围介于1.8至4.6倍之间。