SaTC: CORE: Small: An Automated Framework for Mitigating Single-Trace Side-Channel Leakage

SaTC：核心：小型：用于减轻单迹侧通道泄漏的自动化框架

• 批准号: 2241879
• 负责人: Aydin Aysu
• 金额: $ 33.98万
• 依托单位: North Carolina State University
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2023
• 资助国家: 美国
• 起止时间: 2023-10-01 至 2026-09-30
• 项目状态: 未结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2241879&HistoricalAwards=false
• 关键词: SaTC; CORE; Small; Automated; Framework

Quantum computers can break existing cryptography algorithms (e.g., RSA - Rivest–Shamir–Adleman) that are used to secure data transmission in everyday applications, such as point-of-sale purchases and online payments. Post-quantum cryptography seeks new cybersecurity solutions for such applications that are resilient to quantum computer attacks. The National Institute of Science and Technology (NIST) is currently evaluating and standardizing such algorithms for mass-scale adoption. Although these algorithms can be shown to be theoretically secure, their practical implementation can be vulnerable to attacks. Specifically, adversaries can use the power consumption or electromagnetic radiation of a device running the cryptography algorithm to reverse-engineer computations and steal secret cryptographic keys. Therefore, practical deployment of next-generation cybersecurity standards requires protected software implementations against such attacks. At the same time, the validation and application of such defenses need automation to broadly address these vulnerabilities in a variety of computing devices. The project’s novelties are exposing unknown risks of software running post-quantum cryptography to reverse-engineering attacks and developing a new framework to automatically address those risks. The project’s broader significance and importance are improving national security and training a cybersecurity-aware science, technology, engineering and mathematics (STEM) workforce. This project analyzes side-channel security vulnerabilities in the software implementations of lattice-based cryptography algorithms that were chosen by NIST for post-quantum standardization. The primary research objective of this project is to develop a framework to automatically expose and mitigate single-trace side-channel vulnerabilities. Single-trace attacks aim to steal information from a single execution's leakage and are harder to mitigate than those needing repeated measurements. The project augments low-level virtual machine frameworks by applying static and dynamic program analysis to detect vulnerabilities, and by using program repair with randomization techniques to address the leakage.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

量子计算机可以破解现有的加密算法（例如，RSA - Rivest-Shamir-Adleman），用于保护日常应用中的数据传输，例如销售点购买和在线支付。 后量子密码学为这些应用寻求新的网络安全解决方案，这些应用可以抵御量子计算机攻击。 美国国家科学技术研究所（NIST）目前正在评估和标准化这些算法，以供大规模采用。 虽然这些算法在理论上是安全的，但它们的实际实现可能容易受到攻击。 具体而言，攻击者可以利用运行密码算法的设备的功耗或电磁辐射来逆向工程计算并窃取秘密的加密密钥。 因此，下一代网络安全标准的实际部署需要保护软件实现免受此类攻击。 与此同时，这种防御的验证和应用需要自动化，以广泛解决各种计算设备中的这些漏洞。 该项目的创新之处在于将运行后量子密码学的软件的未知风险暴露给逆向工程攻击，并开发一个新的框架来自动解决这些风险。 该项目更广泛的意义和重要性是改善国家安全和培训具有网络安全意识的科学，技术，工程和数学（STEM）劳动力。 该项目分析了NIST选择用于后量子标准化的基于格的密码算法的软件实现中的侧信道安全漏洞。 该项目的主要研究目标是开发一个框架来自动暴露和缓解单跟踪侧通道漏洞。 单跟踪攻击的目的是从单个执行的泄漏中窃取信息，并且比那些需要重复测量的攻击更难缓解。 该项目通过应用静态和动态程序分析来检测漏洞，并通过使用程序修复和随机化技术来解决泄漏问题，从而增强了低级虚拟机框架。该奖项反映了NSF的法定使命，并通过使用基金会的智力价值和更广泛的影响审查标准进行评估，被认为值得支持。