Securing microprocessors against information leakage and physical tampering

US 10,430,565 B2
Filed: 02/27/2018
Issued: 10/01/2019
Est. Priority Date: 11/03/2006
Status: Active Grant

First Claim

Patent Images

1. A method that is performed on a processing device, comprising:

encoding blocks of instructions for a computer program differently to produce coded blocks of instructions that are part of a binary executable, the binary executable being based on the computer program, the blocks of instructions being encoded based on mutation instructions stored in memory, at least one of the mutation instructions to perform encoding based on a processing variation of a die containing the processing device;

associating, with each coded block of instructions, control information to decode a corresponding coded block of instructions; and

executing the binary executable on the processing device, wherein executing the binary executable comprises using the control information to decode the coded blocks of instructions.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A processor system comprising: performing a compilation process on a computer program; encoding an instruction with a selected encoding; encoding the security mutation information in an instruction set architecture of a processor; and executing a compiled computer program in the processor using an added mutation instruction, wherein executing comprises executing a mutation instruction to enable decoding another instruction. A processor system with a random instruction encoding and randomized execution, providing effective defense against offline and runtime security attacks including software and hardware reverse engineering, invasive microprobing, fault injection, and high-order differential and electromagnetic power analysis.

Citations

34 Claims

1. A method that is performed on a processing device, comprising:
- encoding blocks of instructions for a computer program differently to produce coded blocks of instructions that are part of a binary executable, the binary executable being based on the computer program, the blocks of instructions being encoded based on mutation instructions stored in memory, at least one of the mutation instructions to perform encoding based on a processing variation of a die containing the processing device;
  
  associating, with each coded block of instructions, control information to decode a corresponding coded block of instructions; and
  
  executing the binary executable on the processing device, wherein executing the binary executable comprises using the control information to decode the coded blocks of instructions.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, wherein the blocks of instructions comprise all instructions in the computer program.
  - 3. The method of claim 1, wherein the blocks of instructions comprise less than all instructions in the computer program.
  - 4. The method of claim 1, wherein the coded blocks of instructions define an encoding for the computer program that is unique to the processing device.
  - 5. The method of claim 1, wherein at least one of the mutation instructions is configured to encode a block of instructions based on hardware contained on the processing device.
  - 6. The method of claim 1, wherein at least one of the mutation instructions is configured to encode a block of instructions based on how a payload contained in the block of instructions is to be interpreted.
  - 7. The method of claim 1, wherein at least one of the mutation instructions is configured to encode a first block of instructions based on information stored in a second block of instructions that is different from the first block of instructions.
  - 8. The method of claim 1, wherein at least one of the mutation instructions is configured to encode a block of instructions based on information stored in a storage location that is remote from the block of instructions.
  - 9. The method of claim 1, wherein at least one of the mutation instructions is configured to encode a block of instructions by obfuscating one or more addresses in the block of instructions.
  - 10. The method of claim 1, wherein an order of the coded blocks of instructions in the binary executable is different from an order of corresponding instructions in the computer program.

11. A system comprising:
- machine storage storing a compiler that is executable to perform operations comprising;
  
  encoding blocks of instructions for a computer program differently to produce coded blocks of instructions that are part of a binary executable, the binary executable being based on the computer program, the blocks of instructions being encoded based on mutation instructions stored in memory, at least one of the mutation instructions to perform encoding based on a processing variation of a die containing the processing device; and
  
  associating, with each coded block of instructions, control information to decode a corresponding coded block of instructions; and
  
  hardware to execute the binary executable, wherein executing the binary executable comprises using the control information to decode the coded blocks of instructions.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
- - 12. The system of claim 11, wherein the hardware comprises a decoder to decode the coded blocks of instructions using the control information.
  - 13. The system of claim 11, wherein the blocks of instructions comprise all instructions in the computer program.
  - 14. The system of claim 11, wherein the blocks of instructions comprise less than all instructions in the computer program.
  - 15. The system of claim 11, wherein the coded blocks of instructions define an encoding for the computer program that is unique to the processing device.
  - 16. The system of claim 11, wherein at least one of the mutation instructions is configured to encode a block of instructions based on components contained on the processing device.
  - 17. The system of claim 11, wherein at least one of the mutation instructions is configured to encode a block of instructions based on how a payload contained in the block of instructions is to be interpreted.
  - 18. The system of claim 11, wherein at least one of the mutation instructions is configured to encode a first block of instructions based on information stored in a second block of instructions that is different from the first block of instructions.
  - 19. The system of claim 11, wherein at least one of the mutation instructions is configured to encode a block of instructions based on information stored in a storage location that is remote from the block of instructions.
  - 20. The system of claim 11, wherein at least one of the mutation instructions is configured to encode a block of instructions by obfuscating one or more addresses in the block of instructions.
  - 21. The system of claim 11, wherein an order of the coded blocks of instructions in the binary executable is different from an order of corresponding instructions in the computer program.
  - 22. The system of claim 11, wherein the processing device is a component of a mobile device.

23. A processing device comprising:
- machine storage storing a compiler that is executable to perform operations comprising;
  
  encoding instructions for a computer program in a way that is unique to the processing device to produce coded instructions that are part of a binary executable, the binary executable being based on the computer program, the instructions being encoded based on a processing variation of a die containing the processing device or based on a randomly-generated number stored in memory on the processing device at power-on;
  
  associating, with the coded instructions, corresponding control information to decode the coded instructions; and
  
  microarchitecture to execute the binary executable on the processing device, wherein executing the binary executable comprises using the control information to decode the coded instructions.
- View Dependent Claims (24, 25, 26, 27, 28)
- - 24. The processing device of claim 23, wherein the processing variation of the die corresponds to memory access latency of the processing device.
  - 25. The processing device of claim 23, wherein the coded instructions comprise multiple secure zones, each secure zone ending in an ambiguous branch instruction.
  - 26. The processing device of claim 23, wherein the coded instructions comprise multiple blocks of instructions, the multiple blocks of instructions being in a different order in the coded instructions than corresponding instructions in the computer program.
  - 27. The processing device of claim 23, wherein the microarchitecture is configured to switch on one or more arithmetic and logic units in the processing device during executing the binary executable when an instruction being executed does not use the one or more arithmetic and logic units.
  - 28. The processing device of claim 23, wherein the microarchitecture is configured to replace operations with software interrupts during executing the binary executable in order to change a power profile of the processing device.

29. A method performed by a processing device, comprising:
- encoding instructions for a computer program in a way that is unique to the processing device to produce coded instructions that are part of a binary executable, the binary executable being based on the computer program, the instructions being encoded based on a processing variation of a die containing the processing device or based on a randomly-generated number stored in memory on the processing device at power-on;
  
  associating, with the coded instructions, corresponding control information to decode the coded instructions; and
  
  executing the binary executable on microarchitecture of the processing device, wherein executing the binary executable comprises using the control information to decode the coded instructions.
- View Dependent Claims (30, 31, 32, 33, 34)
- - 30. The method of claim 29, wherein the processing variation of the die corresponds to memory access latency of the processing device.
  - 31. The method of claim 29, wherein the coded instructions comprise multiple secure zones, each secure zone ending in an ambiguous branch instruction.
  - 32. The method of claim 29, wherein the coded instructions comprise multiple blocks of instructions, the multiple blocks of instructions being in a different order in the coded instructions than corresponding instructions in the computer program.
  - 33. The method of claim 29, further comprising:
    - switching on one or more arithmetic and logic units in the processing device during executing the binary executable including when an instruction being executed does not use the one or more arithmetic and logic units.
  - 34. The method of claim 29, further comprising:
    - replacing operations with software interrupts during executing the binary executable in order to change a power profile of the processing device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
BlueRISC Inc.
Original Assignee
BlueRISC Inc.
Inventors
Moritz, Csaba Andras, Chheda, Saurabh, Carver, Kristopher
Primary Examiner(s)
Abrishamkar, Kaveh

Application Number

US15/906,306
Publication Number

US 20180349573A1
Time in Patent Office

581 Days
Field of Search

None
US Class Current
CPC Class Codes

G06F 21/12   Protecting executable software

G06F 21/55   Detecting local intrusion o...

G06F 21/755   with measures against power...

G06F 2221/033   Test or assess software

G06F 8/41   Compilation

G06F 9/30003   Arrangements for executing ...

G06F 9/30145   Instruction analysis, e.g. ...

G06F 9/3017   Runtime instruction transla...

G06F 9/3846   using static prediction, e....

G06F 9/3879   for non-native instruction ...

Securing microprocessors against information leakage and physical tampering

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

34 Claims

Specification

Solutions

Use Cases

Quick Links

Securing microprocessors against information leakage and physical tampering

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

34 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links