Algebraic Fault Attacks

代数故障攻击

• 批准号: 267369888
• 负责人: Professor Dr. Bernd Becker
• 金额: --
• 依托单位: Lehrstuhl für Mathemathik mit Schwerpunkt Symbolic Computation
• 依托单位国家: 德国
• 项目类别: Research Grants
• 财政年份: 2015
• 资助国家: 德国
• 起止时间: 2014-12-31 至 2021-12-31
• 项目状态: 已结题
• 来源: https://gepris.dfg.de/gepris/projekt/267369888?language=en
• 关键词: Algebraic; Fault; Attacks

The protection against physical attacks plays a steadily growing, important role for the secure operation of mobile and embedded systems. The continued transition to cyberphysical systems, which are characterized by a high degree of connectivity and a tight coupling of (embedded) computers with the physical world and which often lack perimeter protection, increases the relevance of such attacks even further. The project “Algebraic Fault Attacks” investigates an essential class of physical attacks, namely fault-injection attacks, and the use of algebraic solving techniques as part of such attacks. In the first funding period of the project, solving methods based on a tight integration of border basis solvers with SAT solvers have been developed. Substantial advances have been achieved for both individual types of solving techniques, and a deeper understanding for their synergistic combination has been established. The attacks have been validated by measurements on an FPGA board, and all relevant data (algebraic models, circuit descriptions) have been made available on the project website.In the second funding period, the results achieved so far will be expanded. The attacks will be extended to further classes of crypto systems (stream ciphers, authenticated encryption, public-key and postquantum crypto systems), and the modeling via polynomial systems will be adjusted to the integrated solver. Solving methods will be extended by novel approaches: partial #SAT and approximate #SAT. Circuit descriptions will be incorporated into instance encoding, thereby further optimizing the combination of the solvers. Moreover, the interplay and mutual influence of fault attacks and other hardware-oriented threats, like passive side-channel analysis or reverse engineering, will be investigated. The consideration of a combination of multiple attack vectors is a natural prerequisite for the design of secure circuits, and it has received only cursory attention so far. Cross-level protection methods against fault attacks based on security-oriented nonlinear error-detecting codes will be developed. For the first time, the new constructions will be evaluated in realistic fault-injection scenarios. A bridge between information-theoretical and circuit-level models will be established, and the efficiency of countermeasures against multiple attacks vectors will be studied.

针对物理攻击的保护对于移动的和嵌入式系统的安全操作起着稳定增长的重要作用。网络物理系统的特点是高度连通性和（嵌入式）计算机与物理世界的紧密耦合，而且往往缺乏周边保护，因此继续向网络物理系统过渡，进一步增加了这种攻击的相关性。该项目“代数故障攻击”调查一类基本的物理攻击，即故障注入攻击，并使用代数求解技术作为这种攻击的一部分。在该项目的第一个供资期间，开发了基于边界基解算器与SAT解算器紧密结合的求解方法。这两种单独类型的解决技术都取得了实质性的进展，并且已经建立了对它们的协同组合的更深入的理解。这些攻击已经通过FPGA板上的测量进行了验证，所有相关数据（代数模型、电路描述）都已在项目网站上公布。在第二个资助期内，迄今取得的成果将得到扩展。攻击将被扩展到其他类别的密码系统（流密码，认证加密，公钥和后量子密码系统），通过多项式系统的建模将被调整到集成求解器。求解方法将通过新的方法扩展：部分#SAT和近似#SAT。电路描述将被合并到实例编码中，从而进一步优化求解器的组合。此外，故障攻击和其他面向硬件的威胁，如被动侧信道分析或逆向工程的相互作用和相互影响，将被调查。考虑多个攻击向量的组合是安全电路设计的自然先决条件，到目前为止，它只得到粗略的关注。基于面向安全的非线性检错码的跨级故障保护方法将得到发展。这是第一次，新的建设将在现实的故障注入的情况下进行评估。将建立信息理论模型和电路级模型之间的桥梁，并将研究针对多个攻击向量的对策的效率。