extension_routes - ChairImpSec/PROLEAD GitHub Wiki

Type

JSON Object (similar to probe_placement)

Default

By default, PROLEAD allows full probe-extension without any interruption.

/* Default configuration (not given in the settings file) */
"side_channel_analysis": {
    "extension_routes": {
      "include": {
        "signals": ".*",
        "paths": ".*"
      },
      "exclude": {
        "signals": "(?!)",
        "paths": "(?!)"
      }	 
    }
  }
}

Description

Limit the propagation of probes through combiantional logic, enabling you to precisely locate leakages. This configuration relies on include and exclude settings, which use regular expressions (regex) to specify the wires of interest.

  • If the include setting is defined first, a probe can be extended to all wires matching the include regex, provided they do not match the subsequent exclude regex.
  • Similarly, if the exclude setting is defined first, a probe can't be extended to all wires matching the exclude regex, unless they match the following include regex.

If a probe cannot be extended to another wire the probe-extension stops with a probe on the current wire.

Additionally, both include and exclude settings consist of two regex patterns, defined through the signals and paths options:

  • If a wire matches the signals regex, only the extension through that specific wire is allowed or forbidden.
  • If a wire matches the paths regex, the extension through the wire is allowed or forbidden along with all wires that can be reached through a glitch extension starting from that wire.

Impact

For a comprehensive security evaluation, we recommend using the default settings. However, if the focus is on specific wires, this configuration significantly reduces both runtime and memory usage.

Examples

"side_channel_analysis": {
    "extension_routes":
    {
      "include": {
        "signals": "(?!)",
        "paths": "(?!)"
      },
      "exclude": {
        "signals": ".*",
        "paths": ".*"
      }	
    }
}

In this example, probe extension is completely prohibited. Therefore, PROLEAD will attempt to extend probes from their initial placement locations. However, since extensions to any wire are disallowed, the probes will remain at their original positions. This setup corresponds to an evaluation based on the d-probing model.

Suggested Articles

  • For guidance on adjusting the positions where probes can be placed by an adversary, see probe_placement.
  • To learn how to exclude specific probes from a probing set during evaluation, see observed_extensions.