Evaluation of Asynchronous Hardware in terms of Resistivity against Cryptographic Attacks and Optimum Implementation of IPSecurity

异步硬件抗密码攻击能力评估及IPSecurity优化实现

• 批准号: 16500026
• 负责人: ABE Koki
• 金额: $ 2.37万
• 依托单位: The University of Electro-Communications
• 依托单位国家: 日本
• 项目类别: Grant-in-Aid for Scientific Research (C)
• 财政年份: 2004
• 资助国家: 日本
• 起止时间: 2004 至 2005
• 项目状态: 已结题
• 来源: https://kaken.nii.ac.jp/en/grant/KAKENHI-PROJECT-16500026/
• 关键词: cryptosystem implementation; differential power analysis; asynchronous hardware; bundled-data type; security protocol; VPN; 電力差分解析; 消費電力モデル; 非同期回路; ハンドシェイクプロトコル

Attacks to cryptosystems called DPAs (Differential Power Attacks) that enable them to decode the secret information of the systems by observing time dependence of power consumption during executing encryption and decryption processes pose a serious treat to security using secret keys. For hardware design, asynchronous methodology is known in which a unique global clock is not used. In asynchronous devices, processing time varies according to types of operations and data. Thus the asynchronously designed cryptosystems are expected to have high resistivity against DPA. This study was aimed at realization of such security processing that disables decoding secret keys at low cost and with high performance. Its application to real world is another objective. Results achieved by this study are summarized as follows.1.Developing methodology to evaluate DPA resistivity of cryptosystems : For designing secure cryptographic devices, evaluation of resistivity against attacks at each stage of desi … More gn flow from front to back ends are needed. For front-end design we proposed and evaluated a high speed simulation method at algorithmic level. We found that for back-end design circuit simulations are effective.2.Designing high speed and low cost asynchronous devices with low overhead : A new handshake protocol for bundled-data asynchronous circuits which can use the same data paths as those designed for synchronous circuits was proposed and implemented. The protocol generates efficiently stage delays. Evaluation experiments revealed that circuits implementing the protocol have lower power consumption and higher speed than conventional design.3.Proposing effective DPA attacks and developing the countermeasures : Taking DES as an example, we proposed effective DPA attacks by properly selecting reference positions and bits as well as stochastic methods to process the sampled data. We also proposed a method to introduce random variables to encryption table called RST (Random Switching Table). RST is applicable to cryptosystems with macro memory in FPGA, and thus valuable in many real applications. Bundled-data asynchronous circuits with RST for data paths are expected to improve all aspects of speed, power consumption, and security.4.Evaluating performance of VPN (Virtual Private Network) as an application of security protocol : We focused on OpenVPN as a representative of open source VPN software and evaluated the performance. Results showed that cache can form a bottleneck in software implementation of VPN. In such applications, dedicated hardware will be effective, and hardware cryptosystems with DPA resistivity will increase the degree of security, which belong to future work.Achievements of the research have been published in 29 articles (2 Japanese journals, 4 English journals, 5 international conference proceedings, and 18 domestic conference proceedings). An application of patent was made based on results from related study. Less

对称为dpa（差分功率攻击）的密码系统的攻击使它们能够通过观察执行加密和解密过程中功耗的时间依赖性来解码系统的秘密信息，这对使用密钥的安全性构成了严重的威胁。对于硬件设计，异步方法是已知的，其中不使用唯一的全局时钟。在异步设备中，处理时间根据操作类型和数据类型的不同而不同。因此，异步设计的密码系统有望具有抗DPA的高电阻率。本研究旨在以低成本和高性能的方式实现这种无法解码密钥的安全处理。将其应用于现实世界是另一个目标。本文的研究结果总结如下：1。开发评估密码系统DPA电阻率的方法：为了设计安全的密码设备，在设计的每个阶段评估抗攻击的电阻率……需要从前端到后端更多的gn流。对于前端设计，我们提出并评估了一种算法级的高速仿真方法。我们发现对于后端设计电路仿真是有效的。设计低开销、高速度、低成本的异步设备：提出并实现了一种新的用于绑定数据异步电路的握手协议，该协议可以使用与同步电路相同的数据路径。该协议有效地产生阶段延迟。评估实验表明，采用该协议的电路比传统设计具有更低的功耗和更高的速度。提出有效的DPA攻击并制定对策：以DES为例，通过合理选择参考位置和参考位以及随机处理采样数据的方法，提出有效的DPA攻击。我们还提出了一种将随机变量引入加密表的方法，称为RST （random Switching table）。RST适用于FPGA中具有宏存储器的密码系统，具有广泛的实际应用价值。具有RST数据路径的捆绑数据异步电路有望在速度、功耗和安全性方面有所提高。作为安全协议应用的VPN （Virtual Private Network）性能评估：以OpenVPN为代表的开源VPN软件为研究对象，对其性能进行了评估。结果表明，高速缓存是VPN软件实现的瓶颈。在此类应用中，专用硬件将发挥作用，具有DPA电阻率的硬件密码系统将提高安全程度，这属于未来的工作。已发表论文29篇（日文期刊2篇，英文期刊4篇，国际会议论文集5篇，国内会议论文集18篇）。根据相关研究成果，提出了专利申请。少

项目成果

暗号回路の耐タンパー性評価手法の構築

密码电路防篡改评估方法构建

• 发表时间: 2005
• 期刊: SCIS2005(The 2005 Symposium on Cryptography and Information Security)
• 作者: 佐々木明彦;阿部公輝;大田和夫
• 通讯作者: 大田和夫

FFT多倍長乗算器のVLSI設計

FFT多精度乘法器的VLSI设计

• 发表时间: 2005
• 期刊: 日本応用数理学会論文誌 <15>[3]
• 作者: 矢崎俊志;阿部公輝
• 通讯作者: 阿部公輝

Performance Evaluation of Low-Power Handshake Protocol for Bundled-Data Asynchronous Cricuits

捆绑数据异步电路的低功耗握手协议的性能评估

• 发表时间: 2004
• 期刊: IEICE Tech Rep. VLD2004-66
• 作者: V.Paruchuri;A.Durresi;L.Barolli;M.Shimizu K.Abe
• 通讯作者: M.Shimizu K.Abe

比較的大きなプログラミング課題のための自動採点システム

针对相对较大的编程作业的自动评分系统

• 发表时间: 2006
• 期刊: 情報処理学会研究会報告(コンピュータ教育) <CE2006>[83]
• 作者: 田上恒大;阿部公輝
• 通讯作者: 阿部公輝

A Cost-Effective Handshake Protocol and Its Implementation for Bundled-Data Asynchronous Circuits

一种经济高效的捆绑数据异步电路握手协议及其实现

• 发表时间: 2006
• 期刊: IEICE Trans.Fundamentals <E89-A>[1]
• 作者: M.Shimizu;K.Abe
• 通讯作者: K.Abe