Investigating Profiled Side-Channel Attacks Against the DES Key Schedule

Heyszl, Johann; Miller, Katja; Unterstein, Florian; Schink, Marc; Wagner, Alexander; Gieser, H.; Freud, Sven; Damm, Tobias; Klein, Dominik; Kügler, Dennis

doi:10.13154/tches.v2020.i3.22-72

Cited by 2 publications

(1 citation statement)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Such information reveals important details about the internal state of the computer device, such as instructions executed, data processed, states of registers, etc. Previously, side channel information has been widely utilised to extract cryptographic keys from algorithms such as AES [25][26][27] , DES [28,29] and RSA [30] . However, there have also been attempts to use the side channel information of a computer device to reverse engineer embedded applications [31] , verify embedded application runtime integrity [32,33] , identify a device [34] , detect malware [35,36] , etc.…”

Section: Side Channel Analysismentioning

confidence: 99%

Anatomy of attacks on IoT systems: review of attacks, impacts and countermeasures

Msgna¹

2022

J Surveill Secur Saf

View full text Add to dashboard Cite

Aim: The Internet of Things is a disruptive technology that converts physical objects into a constant source of information. Internet-connected devices bridge the gap between the physical and virtual worlds through their data-generating set of sensors. Due to the large-scale proliferation of Internet-of-Things systems into practically every sector of modern life, they have also become the centre of growing cybersecurity threats and attacks. This is exacerbated by the connectivity between different kinds of devices and the lack of standardisation to govern them. The majority of papers on the security of the Internet of Things discuss one attack or threat at a time, which could lead to a fragmented understanding of their overall security posture. The aim of this paper is to provide a concise review of attacks on an Internet-of-Things system, their impacts on IoT assets and possible countermeasures. Methods: We review the available layered representation and functional components of the Internet of Things. We then identify the system's assets and review the literature on IoT attacks. We categorise these attacks into groups using common classification criteria and map them against the assets they target. We also identify the possible impacts that these attacks could have on an IoT system. We explore a number of security controls that could be deployed to detect or prevent the attacks. Finally, we evaluate these countermeasures against the assets they protect and the impacts they intend to prevent. Results: To clearly show the security of IoT systems, we identify assets, categorise the different attacks and map them to the different components of an IoT system. Further, we identify the different countermeasures and evaluate their effectiveness against IoT assets and attacks. Conclusion: The paper provides a clear and concise description of IoT functional components and computational models. It also presents an anatomy of attacks on such a system. In addition, the main assets of a typical IoT system are identified and elaborated. The different types of attacks that can be launched in an IoT environment are categorised and mapped against the different functional components. Further, the different assets are identified and countermeasures are evaluated on their effectiveness to protect them.

show abstract

Section: Side Channel Analysismentioning

confidence: 99%

Anatomy of attacks on IoT systems: review of attacks, impacts and countermeasures

Msgna¹

2022

J Surveill Secur Saf

View full text Add to dashboard Cite

show abstract

SCA secure and updatable crypto engines for FPGA SoC bitstream decryption: extended version

Unterstein

Jacob

Hanley³

et al. 2020

J Cryptogr Eng

Self Cite

View full text Add to dashboard Cite

FPGA system on chips (SoCs) are ideal computing platforms for edge devices in applications which require high performance through hardware acceleration and updatability due to long operation in the field. A secure update of hardware functionality can in general be achieved by using built-in cryptographic engines and provided secret key storage. However, reported examples have shown that such cryptographic engines may become insecure against side-channel attacks at any later point in time. This leaves already deployed systems vulnerable without any clear mitigation options. To solve this, we propose a comprehensive concept that uses an alternative and side-channel protected cryptographic engine within the FPGA logic instead of the built-in one for the crucial task of bitstream decryption. Remarkably this concept even allows to update the cryptographic engine itself. As proof of concept, we describe an application to the Xilinx Zynq-7020 FPGA SoC in detail. We provide two options for a leakage resilient decryption engine which are based on the same primitive, a leakage resilient pseudorandom function (LR-PRF). Depending on a side-channel evaluation of this primitive on the target platform, either a version with additional side-channel countermeasures or a more efficient variant is deployed. The lack of accessible secret key storage poses a significant challenge and requires the use of a physical unclonable function (PUF) to generate a device intrinsic secret within the FPGA logic. At the same time this means that manufacturer-provided secret key storage or cryptography is no longer required; only a public key for signature verification of the first stage bootloader and initial static bitstream. We provide empirical results proving the side-channel security of the protected cryptographic engine as well as an evaluation of the PUF quality. The full design and source code is made available to encourage further research in this direction.

show abstract

Investigating Profiled Side-Channel Attacks Against the DES Key Schedule

Cited by 2 publications

References 0 publications

Anatomy of attacks on IoT systems: review of attacks, impacts and countermeasures

Anatomy of attacks on IoT systems: review of attacks, impacts and countermeasures

SCA secure and updatable crypto engines for FPGA SoC bitstream decryption: extended version

Contact Info

Product

Resources

About