Title variants
The Secure Docking Station module and its protection against hardware attacks
Abstracts
Security and trust in communication systems where very sensitive information is exchanged is achieved and retained through hardware means. In the SECRICOM project, where seamless, interoperable crisis-management communication is required, we have developed a security and trust management mechanism based on a smart-card-like hardware structure called the Secure Docking Module (SDM). However, given the highly secure yet hostile environment (emergency, crisis situation) in which the SDM needs to function, this security module can be the subject of many attacks. While cryptanalytic attacks on the SDM security are impossible due to the strong cryptographic algorithms employed, attacks targeting the SDM implementation constitute a pragmatic threat that cannot be neglected. In this paper, we address possible hardware issues of the SDM chip and focus on hardware attack protection mechanisms, especially for the SDM RSA and AES cryptographic accelerators. We present the research work done through the SECRICOM project on the above issues and analyze the basic concept behind the protected RSA-AES structures that complement the SDM architecture. Those hardware structures are fully compatible with the SDM protocols and offer strong protection against hardware power attacks and fault attacks while retaining high performance characteristics.
Security and trust in communication systems where classified information is processed is ensured by means of hardware solutions. In the SECRICOM project, which requires interoperable and "seamless" communication in crisis management, a security and trust assurance mechanism based on a smart-card-type solution, the Secure Docking Module (SDM), was developed. However, taking into account the high threat level of the communication environment in crisis situations, the SDM module itself may be the subject of many attacks. Although cryptanalytic attacks on the SDM are impossible due to the strong cryptographic algorithms employed, the threat arising from attacks on the SDM implementation should not be neglected. The article describes possible problems of the hardware solutions in the SDM chip and highlights mechanisms for preventing hardware attacks, especially those aimed at the SDM RSA and AES cryptographic accelerators. It also presents the RSA-AES structures that complement the SDM architecture from the standpoint of strengthened protection. These hardware structures are fully compatible with the SDM protocols and offer strong protection against physical attacks while not degrading high performance characteristics.
Pages
123-138
Physical description
Bibliography: 34 items, figures.
Authors
author
author
author
author
- Electrical and Computer Engineering Dept., University of Patras, Rio Campus, Greece
Document type
Bibliography
YADDA identifier
bwmeta1.element.baztech-article-BAR0-0068-0036