SaTC: STARSS: Small: Combined Side-channel Attacks and Mathematical Foundations of Combined Countermeasures

SaTC：STARSS：小：组合侧信道攻击和组合对策的数学基础

• 批准号: 1715286
• 负责人: Selcuk Kose
• 金额: $ 24.67万
• 依托单位: University of South Florida
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2017
• 资助国家: 美国
• 起止时间: 2017-10-01 至 2019-05-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1715286&HistoricalAwards=false
• 关键词: SaTC; STARSS; Small; Combined; Side

Digital information has become an integral part of our daily lives and there is a growing concern about the security of information. The amount of information that should be kept secure is increasing with the proliferation of high-tech electronics such as smart-phones, tablets, and wearable devices. Accordingly, the number of attacks from malicious parties to obtain the secret information that is stored in a secure (i.e., encrypted) device increases. Side-channel attacks are widely used to extract information from an integrated circuit (IC) or a smart card by observing different leakage sources such as power consumption, timing information, temperature, electromagnetic (EM) emanations, and acoustic waves while loading/executing/storing information. Due to the low cost and potentially non-invasive nature, side-channel attacks pose a serious threat to the security of personal, commercial, and military information. By providing design guidelines against side-channel attacks, our project benefits companies, governments, and individuals in securing the digital information.This project investigates the power and feasibility of combined side-channel attacks including both physical side-channel attacks (i.e., power, timing, and electromagnetic) and fault injection attacks. Since each attack vector leverages a different leakage mechanism, the countermeasures against different attack vectors may differ significantly. Accordingly, mathematical foundations of combined countermeasures against multiple attack vectors are developed. In this project, the existing resources are utilized as a countermeasure against combined attacks together with dedicated countermeasures to minimize the energy and performance overheads of security. This project provides several opportunities to underrepresented groups and undergraduate students to engage in hardware security research.

数字信息已经成为我们日常生活中不可或缺的一部分，人们越来越关注信息的安全。随着智能手机、平板电脑和可穿戴设备等高科技电子产品的普及，应该保护的信息量正在增加。因此，来自恶意方的攻击次数增加，以获得存储在安全(即，加密的)设备中的秘密信息。旁路攻击被广泛用于从集成电路(IC)或智能卡中提取信息，方法是在加载/执行/存储信息时观察不同的泄漏源，例如功耗、定时信息、温度、电磁(EM)发射和声波。由于旁路攻击的低成本和潜在的非侵入性，它对个人、商业和军事信息的安全构成了严重威胁。通过提供针对旁通道攻击的设计指南，我们的项目使公司、政府和个人在保护数字信息方面受益。本项目调查了组合侧通道攻击的威力和可行性，包括物理侧通道攻击(即电源、定时和电磁)和故障注入攻击。由于每个攻击向量利用不同的泄漏机制，因此针对不同攻击向量的对策可能会有很大差异。在此基础上，建立了联合对抗多个攻击载体的数学基础。在该项目中，利用现有资源作为应对组合攻击的对策，以及专门的对策，以最大限度地减少安全的能量和性能开销。该项目为代表性不足的群体和本科生提供了几个从事硬件安全研究的机会。