权益分类	功能权益	普通用户	{{item.name}}会员
{{category.name}}	{{benefitItem.name}}

Security Evaluation of IoT Devices against Medium and Long-Range Side-Channel Attacks

物联网设备针对中远程侧信道攻击的安全评估

基本信息

批准号：
20K19798
负责人：
李陽
金额：
$ 2.75万
依托单位：
The University of Electro-Communications
依托单位国家：
日本
项目类别：
Grant-in-Aid for Early-Career Scientists
财政年份：
2020
资助国家：
日本
起止时间：
2020-04-01 至 2024-03-31
项目状态：
已结题

来源：
https://kaken.nii.ac.jp/en/grant/KAKENHI-PROJECT-20K19798/
关键词：
side-channel attack screaming channel AES Side-Channel Attack Range SCA IoT Devices Key Recovery IoT Distance

项目摘要

This year, our research has yielded 2 achievements.Firstly, we developed two key recovery methods, based on the unique leakage model we discovered for the screaming channel. These methods leverage different assumptions about the leakage models, leading to the design of second-round attacks and final round key recovery method. In the experiment, we've seen a considerable enhancement in attack efficiency compared to previous methodologies.In particular, for the second-round attack, we capitalized on the similarity of leakages when the most significant 4 bits of the S-box input are the same. We devised a chosen-plaintext attack that employs the variance of the traces as a distinguisher, enabling independent key byte recovery. Our results indicated that the key could be retrieved with fewer than 200 plaintexts. For the final round attack, we utilized the Hamming weight of the most significant 4 bits of the S-box input to facilitate key recovery, resulting in a further boost in efficiency. These findings were published at SCIS 2023.Secondly, we investigated the conditions that trigger different leakage profiles. We discovered that the specific leakage observed in the screaming channel is connected to the memory employed in calculations. By altering the location of the S-box table, we can manipulate the leakage profiles for the information leakage.

今年，我们的研究取得了两项成果：第一，我们开发了两种密钥恢复方法，基于我们发现的尖叫信道的独特泄漏模型。这些方法利用了对泄漏模型的不同假设，从而设计了第二轮攻击和最终轮密钥恢复方法。在实验中，我们看到攻击效率比以前的方法有了相当大的提高。特别是对于第二轮攻击，我们利用了S盒输入的最高有效4位相同时泄漏的相似性。我们设计了一个选择明文攻击，采用的变化的痕迹作为一个伪随机数，使独立的关键字节恢复。我们的研究结果表明，可以检索到的密钥少于200明文。对于最后一轮攻击，我们利用S盒输入的最高有效4位的汉明权重来促进密钥恢复，从而进一步提高效率。这些研究结果发表在SCIS 2023上。其次，我们研究了触发不同泄漏轮廓的条件。我们发现，在尖叫通道中观察到的特定泄漏与计算中使用的内存有关。通过改变S-box表的位置，我们可以操纵信息泄漏的泄漏配置文件。