CT-ISG: Collaborative Research: Fault Tolerance in Crypto Hardware via Dynamic Assertion Checking

CT-ISG：协作研究：通过动态断言检查实现加密硬件的容错

• 批准号: 0831349
• 负责人: Ramesh Karri
• 金额: $ 23.17万
• 依托单位: Polytechnic University of New York
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2008
• 资助国家: 美国
• 起止时间: 2008-09-01 至 2013-08-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=0831349&HistoricalAwards=false
• 关键词: CT; ISG; Collaborative; Research; Fault

ABSTRACT:Secure applications require trustworthy hardware for successful deployment. A trustworthy hardware device (e.g., a smart card) should maintain its security properties even against efforts at probing and reverse engineering; moreover, sensitive data stored on a trustworthy hardware device should be protected at all times. Side-channels attacks are used to learn the secrets stored by a device through monitoring the side effects of its computation. The well known power side-channel attack uses the effect that a cryptographic key has on the power waveform as the cipher runs. Another side-channel attack, the focus of this project, is the Differential Fault Attack (DFA). DFAs alter the computations performed by a trustworthy device and use the faulty results to uncover secrets. An approach to defeating DFAs is to continuously check dynamic assertions, made part of its cryptographic algorithms (including, e.g., symmetric block and stream ciphers, asymmetric ciphers, and message authentication), against DFA. The project advances secure hardware design methods and methodologies, develops course material on side-channel attacks and countermeasures, and promotes technology transfer through partnerships with industry. The project has a strong education component with opportunities for international research experience.

摘要：安全应用需要可靠的硬件才能成功部署。一个值得信赖的硬件设备（例如智能卡）即使在探测和逆向工程的情况下也应该保持其安全属性；此外，存储在值得信赖的硬件设备上的敏感数据应该始终受到保护。侧信道攻击是通过监控设备计算的副作用来获取设备存储的秘密。众所周知的功率侧信道攻击利用了加密密钥在密码运行时对功率波形的影响。另一种侧信道攻击是差分故障攻击（DFA），也是本项目的重点。dfa改变由可信设备执行的计算，并使用错误的结果来发现秘密。击败DFA的一种方法是不断检查动态断言，这些断言是其加密算法的一部分（包括，例如，对称块和流密码、非对称密码和消息身份验证），以对抗DFA。该项目推进了安全硬件设计方法和方法论，开发了关于侧信道攻击和对策的课程材料，并通过与工业界的合作促进了技术转让。该项目具有很强的教育成分，并有机会获得国际研究经验。