Physical side-channel attacks threaten the security of exposed embedded devices, such as microcontrollers. Dedicated countermeasures, like masking, are necessary to prevent these powerful attacks.
However, a gap between well-studied leakage models and observed leakage on real devices makes the application of these countermeasures non-trivial. This work provides a gadget-based concept to automated masking covering practically relevant leakage models to achieve security on real-world devices. We realize this concept with a fully automated compiler that transforms unprotected microcontroller-implementations of cryptographic primitives into masked executables, capable of being executed on the target device.
In a case study, we apply our approach to a bitsliced LED implementation and perform a TVLA-based security evaluation of its core component: the PRESENT s-box.