Presentation at WESS 2015

Last October, our colleague PhD Pedro Malagón traveled to Amsterdam, The Netherlands, to present our latest work on security in the international Workshop on Embedded Systems Security (WESS 2015).

Bitslice is a non-conventional way to implement algorithms using a scalar processor as a SIMD. It involves breaking down the algorithm into logical bit operations so that N parallel
operations are possible on a single N-bit microprocessor. It is applied to encryption algorithms, processing N consecutive blocks simultaneously, to achieve high throughput.
Security applications using the KeeLoq algorithm are not suitable to traditional bitslice implementations because usually there are no N blocks to be processed.
In our paper “Bitslice software implementation of KeeLoq as a side-channel countermeasure” we propose a KeeLoq bitslice implementation, derived from its Algebraic Normal Form,  for a single input block as a countermeasure against side-channel attacks. Our experimental results show there is no timing information leaked with an improvement factor of 3.01 in executed cycles. However, the implementation is still vulnerable to differential side-channel analysis, so we propose a secured variation that increases the resistance against differential power analysis without timing leakage, with a lower improvement factor of 1.21 in executed cycles.

Embedded computing systems are responsible for a large number of safety-critical systems as well as for the management of critical information. The advent of the Internet-of-Things introduces a large number of security issues: the Internet can be used to attack embedded systems and embedded systems can be used to attack the Internet. Furthermore, embedded systems are vulnerable to many attacks not relevant to servers because they are physically accessible. Inadvertent threats due to bugs, improper system use, etc. can also have effects that are indistinguishable from malicious attacks. This workshop address the range of problems related to embedded system security, having a particular interest on security topics that are unique to embedded systems. The workshop encourages discussion and debate about embedded systems security.

The 10th edition was held in Amsterdam on 8 October 2015 and has been hosted by the Embedded Systems Week (ESWEEK) 2015 Conference. It has been a good opportunity to present, interact and learn about the latest research on systems security.