Power modeling approach to protect GPUs from side-channel attacks

Abstract

Graphic Processing Units (GPUs) have become of accelerator of choice to speed up the execution of a wide range of applications. Given the massive number of compute cores on these devices, GPUs have become an attractive platform to accelerate security and cryptography applications. While performance is a critical quality to prevent online attacks, current accelerators are ill-equipped to protect against side-channel attacks. When launching a side channel, the attacker exploits the physical implementation of a cryptographic algorithm, rather than the inherent theoretical weaknesses of the algorithm. Side channel leakage can come in the form of power dissipation, performance degradation or electromagnetic waves. This thesis considers the first of these sources. Power modeling of GPU devices has been well studied by the computer architecture community. The goal of power modeling is to be able to tradeoff power for performance in the design of the GPU. Prior work has shown that by recording the amount of energy consumed by a GPU during encryption or decryption, an attacker can capture secret information. If we can understand how the underlying microarchitecture leaks side-channel information to an attacker, we can build much more robust obfuscation approaches. In this thesis, our aim is not to build yet another GPU power model. Instead, we deliver GIPSim, a framework to enable security researchers to reason about side-channel leakage present in the context of a GPU execution-driven simulator. We show how researchers can capture detailed power estimates while running CUDA programs on a Kepler-family GPU and use the information to obfuscate power by obscuring data-dependent power leakage. We show how traditional hiding and masking techniques can be applied in the context of a GPU. These, in turn, reduce the vulnerability present in this context. We also detail how we leverage machine learning techniques using a Long Short-Term Memory neural networks to further improve the obfuscation. Our goal is to design a system that can thwart power-based side-channel attacks. We demonstrate that we can model data-dependent power dissipation, capturing the hamming distance of data values used during the execution of AES encryption. This same approach is used in power-based side-channel attacks. GIPSim is one of the first simulation environments that can be used for evaluating power side-channel resiliency and help build a more secure accelerator--Author's abstract