TWC: Medium: Automating Countermeasures and Security Evaluation Against Software Side-channel Attacks
TWC:中:针对软件旁路攻击的自动化对策和安全评估
基本信息
- 批准号:1563697
- 负责人:
- 金额:$ 120万
- 依托单位:
- 依托单位国家:美国
- 项目类别:Continuing Grant
- 财政年份:2016
- 资助国家:美国
- 起止时间:2016-06-01 至 2021-05-31
- 项目状态:已结题
- 来源:
- 关键词:
项目摘要
Side-channel attacks (SCA) have been a realistic threat to various cryptographic implementations that do not feature dedicated protection. While many effective countermeasures have been found and applied manually, they are application-specific and labor intensive. In addition, security evaluation tends to be incomplete, with no guarantee that all the vulnerabilities in the target system have been identified and addressed by such manual countermeasures. This SaTC project aims to shift the paradigm of side-channel attack research, and proposes to build an automation framework for information leakage analysis, multi-level countermeasure application, and formal security evaluation against software side-channel attacks.The proposed framework provides common sound metrics for information leakage, methodologies for automatic countermeasures, and formal and thorough evaluation methods. The approach unifies power analysis and cache-based timing attacks into one framework. It defines new metrics of information leakage and uses them to automatically identify possible leakage of a given cryptosystem at an early stage with no implementation details. The conventional compilation process is extended along the new dimension of optimizing for security, to generate side-channel resilient code and ensure its secure execution at run-time. Side-channel security is guaranteed to be at a certain confidence level with formal methods. The three investigators on the team bring complementary expertise to this challenging interdisciplinary research, to develop the advanced automation framework and the associated software tools, metrics, and methodologies. The outcome significantly benefits security system architects and software developers alike, in their quest to build verifiable SCA security into a broad range of applications they design. The project also builds new synergy among fundamental statistics, formal methods, and practical system security. The automation tools, when introduced in new courses developed by the PIs, help improving students' hands-on experience greatly. The project also leverages the experiential education model of Northeastern University to engage undergraduates, women, and minority students in independent research projects.
侧信道攻击(SCA)已经成为各种不具有专用保护功能的加密实现的现实威胁。虽然已经发现并手动应用了许多有效的对策,但它们是特定于应用程序且劳动密集型的。此外,安全评估往往是不完整的,无法保证目标系统中的所有漏洞都已被识别并通过此类手动对策解决。该项目旨在改变侧信道攻击研究的范式,提出建立一个针对软件侧信道攻击的信息泄漏分析、多层次对策应用和形式化安全评估的自动化框架,提供通用的信息泄漏度量、自动化对策方法和形式化的全面评估方法。该方法将功耗分析和基于缓存的定时攻击统一到一个框架中。它定义了新的信息泄漏指标,并使用它们在早期阶段自动识别给定密码系统的可能泄漏,而无需实现细节。传统的编译过程被扩展沿着新的安全优化维度,以生成侧信道弹性代码并确保其在运行时的安全执行。侧信道安全性通过形式化方法保证在一定的置信水平。团队中的三名研究人员为这项具有挑战性的跨学科研究带来了互补的专业知识,以开发高级自动化框架以及相关的软件工具、指标和方法。这一成果对安全系统架构师和软件开发人员都有很大的好处,因为他们希望将可验证的SCA安全性构建到他们设计的各种应用程序中。该项目还在基础统计、正式方法和实际系统安全之间建立了新的协同作用。自动化工具在PI开发的新课程中引入时,有助于极大地改善学生的实践经验。该项目还利用东北大学的体验式教育模式,让本科生、女性和少数民族学生参与独立的研究项目。
项目成果
期刊论文数量(1)
专著数量(0)
科研奖励数量(0)
会议论文数量(0)
专利数量(0)
Masking Feedforward Neural Networks Against Power Analysis Attacks
- DOI:10.2478/popets-2022-0025
- 发表时间:2021-11
- 期刊:
- 影响因子:0
- 作者:Konstantinos Athanasiou;T. Wahl;A. Ding;Yunsi Fei
- 通讯作者:Konstantinos Athanasiou;T. Wahl;A. Ding;Yunsi Fei
{{
item.title }}
{{ item.translation_title }}
- DOI:
{{ item.doi }} - 发表时间:
{{ item.publish_year }} - 期刊:
- 影响因子:{{ item.factor }}
- 作者:
{{ item.authors }} - 通讯作者:
{{ item.author }}
数据更新时间:{{ journalArticles.updateTime }}
{{ item.title }}
- 作者:
{{ item.author }}
数据更新时间:{{ monograph.updateTime }}
{{ item.title }}
- 作者:
{{ item.author }}
数据更新时间:{{ sciAawards.updateTime }}
{{ item.title }}
- 作者:
{{ item.author }}
数据更新时间:{{ conferencePapers.updateTime }}
{{ item.title }}
- 作者:
{{ item.author }}
数据更新时间:{{ patent.updateTime }}
Yunsi Fei其他文献
Orchestrating Horizontal Parallelism and Vertical Instruction Packing of Programs to Improve System Overall Efficiency
编排程序的水平并行性和垂直指令打包,以提高系统整体效率
- DOI:
10.1109/tc.2009.41 - 发表时间:
2009 - 期刊:
- 影响因子:3.7
- 作者:
Hai Lin;Yunsi Fei - 通讯作者:
Yunsi Fei
Towards secure cryptographic software implementation against side-channel power analysis attacks
针对侧信道功率分析攻击的安全加密软件实施
- DOI:
10.1109/asap.2015.7245722 - 发表时间:
2015 - 期刊:
- 影响因子:0
- 作者:
Pei Luo;Liwei Zhang;Yunsi Fei;A. Ding - 通讯作者:
A. Ding
DeepStrike: Remotely-Guided Fault Injection Attacks on DNN Accelerator in Cloud-FPGA
DeepStrike:对 Cloud-FPGA 中的 DNN 加速器进行远程引导故障注入攻击
- DOI:
10.1109/dac18074.2021.9586262 - 发表时间:
2021 - 期刊:
- 影响因子:0
- 作者:
Yukui Luo;Cheng Gongye;Yunsi Fei;Xiaolin Xu - 通讯作者:
Xiaolin Xu
A novel multi-objective instruction synthesis flow for application-specific instruction set processors
用于特定应用指令集处理器的新颖的多目标指令合成流程
- DOI:
10.1145/1785481.1785576 - 发表时间:
2010 - 期刊:
- 影响因子:0
- 作者:
Hai Lin;Yunsi Fei - 通讯作者:
Yunsi Fei
Register file partitioning and recompilation for register file power reduction
寄存器文件分区和重新编译以降低寄存器文件功耗
- DOI:
10.1145/1754405.1754409 - 发表时间:
2010 - 期刊:
- 影响因子:0
- 作者:
Xuan Guan;Yunsi Fei - 通讯作者:
Yunsi Fei
Yunsi Fei的其他文献
{{
item.title }}
{{ item.translation_title }}
- DOI:
{{ item.doi }} - 发表时间:
{{ item.publish_year }} - 期刊:
- 影响因子:{{ item.factor }}
- 作者:
{{ item.authors }} - 通讯作者:
{{ item.author }}
{{ truncateString('Yunsi Fei', 18)}}的其他基金
EAGER: Side Channels Go Deep - Leveraging Deep Learning for Side-channel Analysis and Protection
EAGER:侧信道深入——利用深度学习进行侧信道分析和保护
- 批准号:
2212010 - 财政年份:2022
- 资助金额:
$ 120万 - 项目类别:
Standard Grant
SaTC: CORE: Medium: Protecting Confidentiality and Integrity of Deep Neural Networks against Side-Channel and Fault Attacks
SaTC:核心:中:保护深度神经网络的机密性和完整性免受侧通道和故障攻击
- 批准号:
1929300 - 财政年份:2019
- 资助金额:
$ 120万 - 项目类别:
Standard Grant
Phase I IUCRC Northeastern University: Center for Hardware and Embedded System Security and Trust (CHEST)
第一阶段IUCRC东北大学:硬件和嵌入式系统安全与信任中心(CHEST)
- 批准号:
1916762 - 财政年份:2019
- 资助金额:
$ 120万 - 项目类别:
Continuing Grant
Planning IUCRC Northeastern University: Center for Hardware and Embedded System Security and Trust (CHEST)
规划 IUCCRC 东北大学:硬件和嵌入式系统安全与信任中心 (CHEST)
- 批准号:
1747748 - 财政年份:2018
- 资助金额:
$ 120万 - 项目类别:
Standard Grant
TWC: Medium: Collaborative: A Unified Statistics-Based Framework for Side-Channel Attack Analysis and Security Evaluation of Cryptosystems
TWC:媒介:协作:基于统计的统一框架,用于密码系统的侧通道攻击分析和安全评估
- 批准号:
1314655 - 财政年份:2013
- 资助金额:
$ 120万 - 项目类别:
Standard Grant
MRI: Development of a Testbed for Side Channel Analysis and Security Evaluation (TeSCASE)
MRI:开发侧通道分析和安全评估测试台 (TeSCASE)
- 批准号:
1337854 - 财政年份:2013
- 资助金额:
$ 120万 - 项目类别:
Standard Grant
A Multi-level/multi-faceted Framework for Energy-efficient Application-Specific Instruction Set Processor Synthesis
节能型专用指令集处理器综合的多层次/多方面框架
- 批准号:
0541102 - 财政年份:2006
- 资助金额:
$ 120万 - 项目类别:
Continuing Grant
相似海外基金
Collaborative Research: CyberTraining: Implementation: Medium: Training Users, Developers, and Instructors at the Chemistry/Physics/Materials Science Interface
协作研究:网络培训:实施:媒介:在化学/物理/材料科学界面培训用户、开发人员和讲师
- 批准号:
2321102 - 财政年份:2024
- 资助金额:
$ 120万 - 项目类别:
Standard Grant
RII Track-4:@NASA: Bluer and Hotter: From Ultraviolet to X-ray Diagnostics of the Circumgalactic Medium
RII Track-4:@NASA:更蓝更热:从紫外到 X 射线对环绕银河系介质的诊断
- 批准号:
2327438 - 财政年份:2024
- 资助金额:
$ 120万 - 项目类别:
Standard Grant
Collaborative Research: Topological Defects and Dynamic Motion of Symmetry-breaking Tadpole Particles in Liquid Crystal Medium
合作研究:液晶介质中对称破缺蝌蚪粒子的拓扑缺陷与动态运动
- 批准号:
2344489 - 财政年份:2024
- 资助金额:
$ 120万 - 项目类别:
Standard Grant
Collaborative Research: AF: Medium: The Communication Cost of Distributed Computation
合作研究:AF:媒介:分布式计算的通信成本
- 批准号:
2402836 - 财政年份:2024
- 资助金额:
$ 120万 - 项目类别:
Continuing Grant
Collaborative Research: AF: Medium: Foundations of Oblivious Reconfigurable Networks
合作研究:AF:媒介:遗忘可重构网络的基础
- 批准号:
2402851 - 财政年份:2024
- 资助金额:
$ 120万 - 项目类别:
Continuing Grant
Collaborative Research: CIF: Medium: Snapshot Computational Imaging with Metaoptics
合作研究:CIF:Medium:Metaoptics 快照计算成像
- 批准号:
2403122 - 财政年份:2024
- 资助金额:
$ 120万 - 项目类别:
Standard Grant
Collaborative Research: SHF: Medium: Differentiable Hardware Synthesis
合作研究:SHF:媒介:可微分硬件合成
- 批准号:
2403134 - 财政年份:2024
- 资助金额:
$ 120万 - 项目类别:
Standard Grant
Collaborative Research: SHF: Medium: Enabling Graphics Processing Unit Performance Simulation for Large-Scale Workloads with Lightweight Simulation Methods
合作研究:SHF:中:通过轻量级仿真方法实现大规模工作负载的图形处理单元性能仿真
- 批准号:
2402804 - 财政年份:2024
- 资助金额:
$ 120万 - 项目类别:
Standard Grant
Collaborative Research: CIF-Medium: Privacy-preserving Machine Learning on Graphs
合作研究:CIF-Medium:图上的隐私保护机器学习
- 批准号:
2402815 - 财政年份:2024
- 资助金额:
$ 120万 - 项目类别:
Standard Grant
Collaborative Research: SHF: Medium: Tiny Chiplets for Big AI: A Reconfigurable-On-Package System
合作研究:SHF:中:用于大人工智能的微型芯片:可重新配置的封装系统
- 批准号:
2403408 - 财政年份:2024
- 资助金额:
$ 120万 - 项目类别:
Standard Grant