Rosita is a code rewrite framework aims at eliminating side-channel leakage from masked implementations. It uses a leakage emulator (based on ELMO) to identify leaking instructions, and applies code modifications to eliminate the leakage.
For more information, see the NDSS 2021 paper and the datasets it describes. Our talk on Rosita at Real World Crpyto 2021 is available here.
Please use these scripts and tools to draw the corresponding figures in our paper.
Run the following commands in a bash shell. Please make sure that you run all
commands regarding Rosita after you have sourced the content of envvars.
./setup.sh
source envvars # setup required environment variables
Rosita's workflow is as follows,
-
Build the cipher implementation to be tested using customizations needed and run ELMO to emulate power traces. The
--from-asmoption is needed for all runs after the first run. This is due to the modifications from Rosita is applied to assembler files and if built from the source files, these files get overwritten../ROSITA/emulatetraces --reps <TRACE-COUNT> --fixed-inputs <NO-OF-FIXED-INPUTS> -b [--from-asm] <BUILD-JSON-FILE> # Examples: # Note for Xoodoo: You may need to run patchror.sh in Xoodoo test directory to replace ror instructions # according to .syntax unified/divided directives which Rosita doesn't support currently ./ROSITA/emulatetraces --reps 10000 --fixed-inputs 1 -b [--from-asm] ./TESTS/xoodoo/build_2share.json ./ROSITA/emulatetraces --reps 10000 --fixed-inputs 1 -b [--from-asm] ./TESTS/chacha20/build_2share.json ./ROSITA/emulatetraces --reps 10000 --fixed-inputs 1 -b [--from-asm] ./TESTS/aes/build.json -
Apply code rewrites using Rosita's pattern library
./ROSITA/rosita -m <BUILD-JSON-FILE> # Example: ./ROSITA/rosita -m ./TESTS/xoodoo/build_2share.json -
Repeat from 1. until the leakage measure is zero
-
View instruction level leakage and root causes (after running ELMO using
-boption for emulatetraces)./ROSITA/rosita -a ./TESTS/aes/build.json -
Dump t-test values as a text file
./ROSITA/rosita --emit-tvals ./TESTS/aes/build.json
This project was supported by:
- European Union Horizon 2020 research and innovation program under CERBERO project (grant agreement number 732105)
- The Australian Research Council project numbers DE200101577, DP200102364, and DP210102670
- Data61, CSIRO
- The Research Center for Cyber Security at Tel- Aviv University established by the State of Israel, the Prime Minister’s Office and Tel-Aviv University
- A gift from Intel.