TWC: Medium: Collaborative: A Unified Statistics-Based Framework for Side-Channel Attack Analysis and Security Evaluation of Cryptosystems

TWC：媒介：协作：基于统计的统一框架，用于密码系统的侧通道攻击分析和安全评估

• 批准号: 1314655
• 负责人: Yunsi Fei
• 金额: $ 52.21万
• 依托单位: Northeastern University
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2013
• 资助国家: 美国
• 起止时间: 2013-07-01 至 2017-06-30
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1314655&HistoricalAwards=false
• 关键词: TWC; Medium; Collaborative; Unified; Statistics

Side-channel attack (SCA) has shown to be a serious implementation attack to many cryptosystems. Practical countermeasures only mitigate the vulnerability to some extent. Considerable research efforts on leakage-resilient cryptography have so far not led to practical leakage-resilient implementations. One hindering reason is the lack of commonly accepted and sound metrics, standards, and evaluation procedures to measure and evaluate the vulnerability/resilience of cryptosystems to various side-channel attacks. Accurate modeling of side channels, however, is one of the open problems in applied crypto research. This project aims to close the gap between SCA theories and practices by formalizing a general framework for side-channel attack analysis and security evaluation of cryptosystems. The proposed framework quantifies the effect of algorithmic and implementation characteristics on the success rate of the theoretically strongest maximum likelihood attack, revealing system-inherent SCA-related parameters for security improvement. The framework will extract maximum leakage from the observed measurement data in the black-box scenario, often the realistic situation for adversaries. State-of-the-art statistical methods are employed in the framework to precisely analyze and evaluate the overall side-channel leakage. This holistic framework will significantly alleviate the burden of security system architects, software developers, and hardware designers in their quest to build SCA security into systems they design, so as to ultimately yield provably secure hardware.

侧通道攻击（SCA）已证明对许多密码系统进行了严重的实施攻击。实际对策仅在某种程度上减轻了脆​​弱性。到目前为止，有关泄漏弹性加密的大量研究工作并没有导致实践泄漏弹性实现。一个阻碍的原因是缺乏常见的和声音指标，标准和评估程序，无法测量和评估密码系统对各种侧向通道攻击的脆弱性/弹性。但是，侧通道的准确建模是应用加密研究中的开放问题之一。该项目旨在通过形式化侧通道攻击分析和加密系统的安全评估的一般框架来缩小SCA理论和实践之间的差距。所提出的框架量化了算法和实现特征对理论上最大最大似然攻击成功率的影响，从而揭示了系统链接与SCA相关的参数，以改善安全性。该框架将在黑框方案中观察到的测量数据中提取最大泄漏，通常是对手的现实情况。框架中采用了最先进的统计方法来精确分析和评估整体侧通道泄漏。这个整体框架将大大减轻安全系统架构师，软件开发人员和硬件设计人员的负担，以寻求将SCA安全性构建到其设计的系统中，从而最终产生可证明安全的硬件。