| Author(s) | Zoya Dyka, Peter Langendoerfer |
| Journal | Springer to appear 2012/13 |
| Abstract | Wireless sensor networks (WSNs) are becoming an essential building block in application fields such as critical infrastructure protection, industrial automation and telemedicine to name a few areas in which security plays a central role. Potential attackers of those applications will most probably attack the most vulnerable part of the overall systems, i.e. the WSNs. The wireless sensor nodes can be attacked by standard network based approaches but also by physical means if they are left unattended in remote sites which is, after all, the preferred application for WSN. We are convinced that protecting the wireless sensor nodes is essential since compromised nodes put the whole system at risk. The challenge with sensor nodes is that they are low cost and running with extremely limited resources but are expected to be operational for long time intervals up to several years. The long life time provides potential attackers with a lot of time to execute an attack and even worse to benefit from a successful attack. |
| Author(s) | Marcel Medwed and François-Xavier Standaert |
| Journal | Journal of Cryptographic Engineering, Volume 1, Number 3, 2012 |
| Abstract | Randomness extractors are important tools in cryptography. Their goal is to compress a high-entropy source into a more uniform output. Beyond their theoretical interest, they have recently gained attention because of their use in the design and proof of leakage-resilient primitives, such as stream ciphers and pseudorandom functions. However, for these proofs of leakage resilience to be meaningful in practice, it is important to instantiate and implement the components they are based on. In this context, while numerous works have investigated the implementation properties of block ciphers such as the AES Rijndael, very little is known about the application of side-channel attacks against extractor implementations. In order to close this gap, this paper instantiates a low-cost hardware extractor and analyzes it both from a performance and from a side-channel security point of view. Our investigations lead to contrasted conclusions. On one hand, extractors can be efficiently implemented and protected with masking. On the other hand, they provide adversaries with many more exploitable leakage samples than, e.g. block ciphers. As a result, they can ensure high security margins against standard (non-profiled) side-channel attacks and turn out to be much weaker against profiled attacks. From a methodological point of view, our analysis consequently raises the question of which attack strategies should be considered in security evaluations. |
| Author(s) | Thomas Eisenbarth, Zheng Gong, Tim Güneysu, Stefan Heyse, Sebastiaan Indesteege, Stéphanie Kerckhof, François Koeune, Tomislav Nad, Thomas Plos and Francesco Regazzoni, et al. |
| Event | AFRICACRYPT 2012, July 10 – 12, 2012, Ifrane, Morocco |
| Abstract | The design of lightweight block ciphers has been a very active research topic over the last years. However, the lack of comparative source codes generally makes it hard to evaluate the extent to which implementations of different ciphers actually reach their low-cost goals on various platforms. This paper reports on an initiative aiming to relax this issue. First, we provide implementations of 12 block ciphers on an ATMEL AVR ATtiny45 8-bit microcontroller, and make the corresponding source code available on a web page. All implementations are made public under an open-source license. Common interfaces and design goals are followed by all designers to achieve comparable implementation results. Second, we evaluate performance figures of our implementations with respect to different metrics, including energy-consumption measurements and show our improvements compared to existing implementations. |
| Author(s) | Marcel Medwed, François-Xavier Standaert, Johann Großschädl and Francesco Regazzoni |
| Event | AFRICACRYPT 2010, May 3 – 6, 2010, Stellenbosch, South Africa |
| Abstract | The market for RFID technology has grown rapidly over the past few years. Going along with the proliferation of RFID technology is an increasing demand for secure and privacy-preserving applications. In this context, RFID tags need to be protected against physical attacks such as Differential Power Analysis (DPA) and fault attacks. The main obstacles towards secure RFID are the extreme constraints of passive tags in terms of power consumption and silicon area, which makes the integration of countermeasures against physical attacks even more difficult than for other types of embedded systems. In this paper we propose a fresh re-keying scheme that is especially suited for challenge-response protocols such as used to authenticate tags. We evaluate the resistance of our scheme against fault and side-channel analysis, and introduce a simple architecture for VLSI implementation. In addition, we estimate the cost of our scheme in terms of area and execution time for various security/performance trade-offs. Our experimental results show that the proposed re-keying scheme provides better security (and does so at less cost) than state-of-the-art countermeasures. |
| Author(s) | François-Xavier Standaert, Nicolas Veyrat-Charvillon, Elisabeth Oswald, Benedikt Gierlichs, Marcel Medwed, Markus Kasper and Stefan Mangard |
| Event | ASIACRYPT 2010, December 5 – 9, 2010, Singapore |
| Abstract | In a recent work, Mangard et al. showed that under certain assumptions, the (so-called) standard univariate side-channel attacks using a distance-of-means test, correlation analysis and Gaussian templates are essentially equivalent. In this paper, we show that in the context of multivariate attacks against masked implementations, this conclusion does not hold anymore. While a single distinguisher can be used to compare the susceptibility of different unprotected devices to first-order DPA, understanding second-order attacks requires carefully investigating the information leakages and the adversaries exploiting these leakages, separately. Using a framework put forward by Standaert et al. at Eurocrypt 2009, we provide the first analysis that explores these two topics in the case of a masked implementation exhibiting a Hamming weight leakage model. Our results lead to refined intuitions regarding the efficiency of various practically-relevant distinguishers. Further, we also investigate the case of second- and third-order masking (i.e. using three and four shares to represent one value). This evaluation confirms that higher-order masking only leads to significant security improvements if the secret sharing is combined with a sufficient amount of noise. Eventually, we show that an information theoretic analysis allows determining this necessary noise level, for different masking schemes and target security levels, with high accuracy and smaller data complexity than previous methods. |
| Author(s) | Marcel Medwed, Christoph Petit, Francesco Regazzoni, Mathieu Renauld and François-Xavier Standaert |
| Event | Tenth Smart Card Research and Advanced Application Conference (CARDIS 2011), September 14 – 16, 2011, Leuven, Belgium |
| Abstract | Security-aware embedded systems are widespread nowadays and many applications, such as payment, pay-TV and automotive applications, rely on them. These devices are usually very resource constrained but at the same time likely to operate in a hostile environment. Thus, the implementation of low-cost protection mechanisms against physical attacks is vital for their market relevance. An appealing choice, to counteract a large family of physical attacks with one mechanism, seems to be protocol-level countermeasures. At last year's Africacrypt, a fresh re-keying scheme was presented which combines the advantages of re-keying with those of classical countermeasures such as masking and hiding. The contribution of this paper is threefold: most importantly, the original fresh re-keying scheme was limited to one low-cost party (e.g. an RFID tag) in a two-party communication scenario. In this paper we extend the scheme to n low-cost parties and show that the scheme is still secure. Second, one unanswered question in the original paper was the susceptibility of the scheme to algebraic SPA attacks. Therefore, we analyze this property of the scheme. Finally, we implemented the scheme on a common 8-bit microcontroller to show its efficiency in software. |
| Author(s) | Marcel Medwed, François-Xavier Standaert and Antoine Joux |
| Event | Workshop on Cryptographic Hardware and Embedded Systems 2012 (CHES 2012), September 9 – 12, 2012, Leuven, Belgium |
| Abstract | Leakage-resilient constructions have attracted significant attention over the last couple of years. In practice, pseudorandom functions are among the most important such primitives, because they are stateless and do not require a secure initialization as, e.g., stream ciphers do. However, their deployment in actual applications is still limited by security and efficiency concerns. This paper contributes to solving these issues in two directions. On the one hand, we highlight that the condition of bounded data complexity, which is guaranteed by previous leakage-resilient constructions, may not be enough to obtain practical security. We show experimentally that, if implemented in an 8-bit microcontroller, such constructions can actually be broken. On the other hand, we present tweaks for tree-based leakage-resilient PRFs that improve their efficiency and their security, by taking advantage of parallel implementations. Our security analyses are based on worst-case attacks in a noise-free setting and suggest that under reasonable assumptions, the side-channel resistance of our construction grows super-exponentially with a security parameter that corresponds to the degree of parallelism of the implementation. In addition, it exhibits that standard DPA attacks are not the most relevant tool for evaluating such leakage-resilient constructions and may lead to overestimated security. As a consequence, we investigate more sophisticated tools based on lattice reduction, which turn out to be powerful in the physical cryptanalysis of these primitives. Eventually, we put forward that the AES is not perfectly suited for integration in a leakage-resilient design. This observation raises interesting challenges for developing block ciphers with better properties regarding leakage-resilience. |
| Author(s) | Benedikt Gierlichs, Jörn-Marc Schmidt and Michael Tunstall |
| Event | Second International Conference on Cryptology and Information Security in Latin America (LATINCRYPT 2012), October 8 – 10, 2012, Santiago de Chile, Chile |
| Abstract | Implementation attacks pose a serious threat for the security of cryptographic devices and there are a multitude of countermeasures that are used to prevent them. Two countermeasures used in implementations of block ciphers to increase the complexity of such attacks are the use of dummy rounds and redundant computation with consistency checks to prevent fault attacks. In this paper we present several countermeasures based on the idea of infective computation. Our countermeasures ensure that a fault injected into a cipher, dummy, or redundant round will infect the ciphertext such that an attacker cannot derive any information on the secret key being used. This has one clear advantage: the propagation of faults prevents an attacker from being able to conduct any fault analysis on any corrupted ciphertexts. As a consequence, there is no need for any test at the end of an implementation to determine if a fault has been injected and a ciphertext can always be returned. |
| Author(s) | Thomas Korak, Thomas Plos and Michael Hutter |
| Event | Third International Workshop on Constructive Side-Channel Analysis and Secure Design (COSADE), May 3 – 4, Darmstadt, Germany |
| Abstract | Radio-frequency identification (RFID) technology is the enabler for applications like the future internet of things (IoT), where security plays an important role. When integrating security into RFID tags, not only the cryptographic algorithms need to be secure but also their implementation. In this work we present differential power analysis (DPA) and differential electromagnetic analysis (DEMA) attacks on a security-enabled RFID tag. The attacks are conducted on both an ASIC-chip version and on an FPGA-prototype version of the tag. The design of the ASIC version equals that of commercial RFID tags and has the analog and digital parts integrated on a single chip. Target of the attacks is an implementation of the Advanced Encryption Standard (AES) with 128-bit key length and DPA countermeasures. The countermeasures are shuffling of operations and insertion of dummy rounds. Our results illustrate that the effort for successfully attacking the ASIC chip in a real-world scenario is only 4.5 times higher than for the FPGA prototype in a laboratory environment. This leads us to the conclusion that the effort for attacking contactless devices like RFID tags is only slightly higher than that for contact-based devices. The results further underline that the design of countermeasures like the insertion of dummy rounds has to be done with great care, since the detection of patterns in power or electromagnetic traces can be used to significantly lower the attacking effort. |
| Author(s) | Michael Hutter, Mario Kirschbaum, Thomas Plos, Jörn-Marc Schmidt and Stefan Mangard |
| Event | Third International Workshop on Constructive Side-Channel Analysis and Secure Design (COSADE), May 3 – 4, Darmstadt, Germany |
| Abstract | In this paper, we propose a setup that improves the performance of implementation attacks by exploiting the difference of side-channel leakages. The main idea of our setup is to use two cryptographic devices and to measure the difference of their physical leakages, e.g., their power consumption. This increases the signal-to-noise ratio of the measurement and reduces the number of power-consumption traces needed for an attack to succeed. The setup can efficiently be applied (but is not limited) to scenarios where two synchronous devices are available for analysis. By applying template-based attacks, only a few power traces are required to successfully identify weak but data-dependent leakage differences. In order to quantify the efficiency of our proposed setup, we performed practical experiments by designing three evaluation boards that assemble different cryptographic implementations. The results of our investigations show that the needed number of traces can be reduced by up to 90%. |
| Author(s) | Thomas Plos, Christoph Dobraunig, Alexander Oprisnik, Markus Hofinger, Christoph Wiesmeier and Johannes Wiesmeier |
| Event | Indocrypt 2012, December 9-12, 2012 Kolkata, India |
| Author(s) | U. Özcan, M. Boock, S. Burfeind |
| Event | Proceedings of CDNLive! EMEA Cadence User Conference May 2012, Munich, Germany |
| Author(s) | Julia Borghoff, Anne Canteaut, Tim Güneysu, Elif Bilge Kavun, Miroslav Knezevic, Lars R. Knudsen, Gregor Leander, Ventzislav Nikov, Christof Paar, Christian Rechberger, Peter Rombouts, Soren S. Thomsen and Tolga Yalçın |
| Event | ASIACRYPT 2012, December 2-6, 2012, Beijing, China |
| Abstract | This paper presents a block cipher that is optimized with respect to latency when implemented in hardware. Such ciphers are desirable for many future pervasive applications with real-time security needs. Our cipher, named PRINCE, allows encryption of data within one clock cycle with a very competitive chip area compared to known solutions. The fully unrolled fashion in which such algorithms need to be implemented calls for innovative design choices. The number of rounds must be moderate and rounds must have short delays in hardware. At the same time, the traditional need that a cipher has to be iterative with very similar round functions disappears, an observation that increases the design space for the algorithm. An important further requirement is that realizing decryption and encryption results in minimum additional costs. PRINCE is designed in such a way that the overhead for decryption on top of encryption is negligible. More precisely, for our cipher it holds that decryption for one key corresponds to encryption with a related key. This property, which we refer to as alpha-reflection, is of independent interest and we prove its soundness against generic attacks. |
| Author(s) | Miroslav Knezevic, Ventzislav Nikov and Peter Rombouts |
| Event | Workshop on Cryptographic Hardware and Embedded Systems 2012 (CHES 2012), September 9 – 12, 2012, Leuven, Belgium |
| Abstract | The processing time required by a cryptographic primitive implemented in hardware is an important metric for its performance but it has not received much attention in recent publications on lightweight cryptography. Nevertheless, there are important applications for cost effective low-latency encryption. As the first step in the field, this paper explores the low-latency behavior of hardware implementations of a set of block ciphers. The latency of the implementations is investigated as well as the trade-offs with other metrics such as circuit area, time-area product, power, and energy consumption. The obtained results are related back to the properties of the underlying cipher algorithm and, as it turns out, the number of rounds, their complexity, and the similarity of encryption and decryption procedures have a strong impact on the results. We provide a qualitative description and conclude with a set of recommendations for aspiring low-latency block cipher designers. |
| Author(s) | Begul Bilgin, Svetla Nikova, Ventzislav Nikov, Vincent Rijmen and Georg Stutz |
| Event | Workshop on Cryptographic Hardware and Embedded Systems 2012 (CHES 2012), September 9 – 12, 2012, Leuven, Belgium |
| Abstract | Side-channel attacks have proven many hardware implementations of cryptographic algorithms to be vulnerable. A recently proposed masking method, based on secret sharing and multi-party computation methods, introduces a set of sufficient requirements for implementations to be provably resistant against first-order DPA with minimal assumptions on the hardware. The original paper doesn't describe how to construct the Boolean functions that are to be used in the implementation. In this paper, we derive the functions for all invertible 3 × 3, 4 × 4 S-boxes and the 6 × 4 DES S-boxes. Our methods and observations can also be used to accelerate the search for sharings of larger (e.g. 8 × 8) S-boxes. Finally, we investigate the cost of such protection. |
| Author(s) | Ramya Jayaram Masti, Claudio Marforio, Aanjhan Ranganathan, Aurélien Francillon and Srdjan Capkun |
| Event | ACSAC 2012, 28th Annual Computer Security Applications Conference, December 3-7, 2012, Orlando, Florida, USA |
| Abstract | The growing complexity and increased networking of security- and safety-critical systems expose them to the risk of adversarial compromise through remote attacks. These attacks can result in full system compromise, but often the attacker gains control only over some system components (e.g., a peripheral) and over some applications running on the system. We consider the latter scenario and focus on enabling on-schedule execution of critical applications that are running on a partially compromised system; we call this trusted scheduling. We identify the essential properties needed for the realization of a trusted scheduling system and we design an embedded system that achieves those properties. We show that our system protects not only against misbehaving applications but also against attacks by compromised peripherals. We evaluate the feasibility and performance of our system through a prototype implementation based on the AVR ATmega103 microcontroller. |
| Author(s) | Zoya Dyka, Christian Walcyk, Damian Walczyk, Christian Wenger, Peter Langendoerfer |
| Event | Proceedings of International Conference on Compilers, Architectures and Synthesis for Embedded Systems (CASES), October 2012, ACM DL (invited paper), Tampere, Finland |
| Abstract | In this paper, we describe a new non-volatile memory, based on metal-insulator-metal that provides performance benefits compared to standard Flash memory. In addition and more importantly, it comes with some advantages with respect to side channel attacks, i.e., its structure prevents by default optical analysis. |
| Author(s) | Steffen Peter, Peter Langendörfer |
| Event | CORCS 2012 – The 4th IEEE International Workshop on Component-Based Design of Resource-Constrained Systems, in conjunction with COMPSAC 2012 – the IEEE Signature Conference on Computers, Software, and Applications, July 16-20, 2012 Izmir, Turkey |
| Abstract | A major issue when developing wireless sensor network applications is the need for highly specialized knowledge in the field of embedded programming, networking and in the application domain. In order to speed up the development process, a new methodology for WSN application development is required. It needs to provide ready-to-use building blocks as well as means to map application requirements to technical features provided by these blocks. Last but not least, mechanisms to select appropriate building blocks and to evaluate the system compiled out of these blocks are essential. This paper presents a design flow fulfilling the mentioned features. In a first step, user requirements elicited from a managed catalog are translated to a graph structure. Then, properties of the composed system derived from meta-information of the applied components are evaluated to resolve constraints representing application requirements and/or features of the target system in the derived system model. The validity of the methodology, for which the needed tool support has actually been implemented, is shown in an example that illustrates how this approach can propose correct configurations for secure systems as proposed in related work. Since the approach allows designing correct and fine-tuned solutions even for general application requirements, we consider it to be a significant step towards improved programmability of WSN nodes. |
| Author(s) | Nashwa A. F. Mohamed, Mohsin H. A. Hashim, and Michael Hutter |
| Event | AFRICACRYPT 2012, July 10 – 12, 2012, Ifrane, Morocco |
| Abstract | Computing elliptic-curve scalar multiplication is the most time-consuming operation in any elliptic-curve cryptosystem. In the last decades, it has been shown that pre-computations of elliptic-curve points improve the performance of scalar multiplication, especially in cases where the elliptic-curve point P is fixed. In this paper, we present an improved fixed-base comb method for scalar multiplication. In contrast to existing comb methods such as those proposed by Lim and Lee or Tsaur and Chou, we make use of a width-ω non-adjacent form representation and restrict the number of rows of the comb to be greater than or equal to ω. The proposed method shows a significant reduction in the number of required elliptic-curve point addition operations. The computational complexity is reduced by 33 to 38 % compared to the Tsaur and Chou method, even for devices that have limited resources. Furthermore, we propose a constant-time variation of the method to thwart simple-power analysis attacks. |
| Author(s) | El Defrawy, Karim and Francillon, Aurélien and Perito, Daniele and Tsudik, Gene |
| Event | Proceedings of the Network and Distributed System Security Symposium (NDSS 2012), San Diego, USA |
| Abstract | Remote attestation is the process of securely verifying the internal state of a remote hardware platform. It can be achieved either statically (at boot time) or dynamically, at run-time, in order to establish a dynamic root of trust. The latter allows full isolation of a code region from preexisting software (including the operating system) and guarantees untampered execution of this code. Despite the untrusted state of the overall platform, a dynamic root of trust facilitates execution of critical code. Prior software-based techniques lack concrete security guarantees, while hardware-based approaches involve security co-processors that are too costly for low-end embedded devices. In this paper, we develop a new primitive (called SMART) based on hardware-software co-design. SMART is a simple, efficient and secure approach for establishing a dynamic root of trust in a remote embedded device. We focus on low-end microcontroller units (MCU) that lack specialized memory management or protection features. SMART requires minimal changes to existing MCUs (while providing concrete security guarantees) and assumes few restrictions on adversarial capabilities. We demonstrate both practicality and feasibility of SMART by implementing it via hardware modifications on two common MCU platforms: AVR and MSP430. Results show that SMART implementations require only a few changes to memory bus access logic. We also synthesize both implementations to a 180nm ASIC process to confirm its small impact on MCU size and overall cost. |
| Author(s) | Steffen Zeidler, Christoph Wolf, Milo Krstić, Frank Vater, Rolf Kraemer |
| Event | Proceedings of the IEEE Asian Test Symposium (ATS '11), 2011 |
| Abstract | Due to asynchronous timing and arbitration, asynchronous designs may behave nondeterministically. For the test of such systems, this means that an exact timing, i.e. a tester cycle, of a test response cannot be guaranteed. This behavior makes functional tests of asynchronous designs relatively complex or even impossible. Therefore, this paper presents a concept for performing functional tests of asynchronous designs using a test processor infrastructure. To this end, we propose a low-cost 16-bit microprocessor solution with special support for asynchronous handshake signalling that can either be integrated into the device-under-test (DUT), mounted on the load board of the tester, or a combination of both. |
| Author(s) | Michael Hutter, Erich Wenger |
| Event | Workshop on Cryptographic Hardware and Embedded Systems (CHES) 2011, September 28 – October 1, 2011, Nara, Japan |
| Abstract | Multi-precision multiplication is one of the most fundamental operations on microprocessors to allow public-key cryptography such as RSA and Elliptic Curve Cryptography (ECC). In this paper, we present a novel multiplication technique that increases the performance of multiplication by sophisticated caching of operands. Our method significantly reduces the number of needed load instructions, which are usually among the most expensive operations on modern processors. We evaluate our new technique on an 8-bit ATmega128 microcontroller and compare the result with existing solutions. Our implementation needs only 2,395 clock cycles for a 160-bit multiplication, which outperforms related work by a factor of 10 % to 23 %. The number of required load instructions is reduced from 167 (needed for the best known hybrid multiplication) to only 80. Our implementation scales very well even for larger integer sizes (required for RSA) and limited register sets. It further fully complies with existing multiply-accumulate instructions that are integrated in most of the available processors. |
| Author(s) | Marcel Medwed and François-Xavier Standaert |
| Event | Workshop on Cryptographic Hardware and Embedded Systems (CHES) 2011, September 28 – October 1, 2011, Nara, Japan |
| Abstract | Randomness extractors are important tools in cryptography, of which the goal is to compress a high-entropy source into a more uniform output. Beyond their theoretical interest, they have recently gained attention because of their use in the design and proof of leakage-resilient primitives, such as stream ciphers and pseudorandom functions. However, for these proofs of leakage resilience to be meaningful in practice, it is important to instantiate and implement the components they are based on. In this context, while numerous works have investigated the implementation properties of block ciphers such as the AES Rijndael, very little is known about the application of side-channel attacks against extractor implementations. In order to close this gap, this paper instantiates a low-cost hardware extractor and analyzes it both from a performance and from a side-channel security point of view. Our investigations lead to contrasted conclusions. On the one hand, extractors can be efficiently implemented and protected with masking. On the other hand, they provide adversaries with many more exploitable leakage samples than, e.g. block ciphers. As a result, they can ensure high security margins against standard (non-profiled) side-channel attacks and turn out to be much weaker against profiled attacks. From a methodological point of view, our analysis consequently raises the question of which attack strategies should be considered in security evaluations. |
| Author(s) | O. Stecklina, P. Langendörfer, H. Menzel |
| Event | 1st International Conference on Pervasive and Embedded Computing and Communication Systems, March 05 – 07, 2011, Algarve, Portugal |
| Abstract | Wireless sensor networks are increasingly being considered for application in real-world systems such as automation control, critical infrastructure protection and the like. By going wireless, these systems are no longer protected by fences and walls but need to take into account the security of all their components. In this paper we discuss two alternatives for implementing isolation on a Micro Controller Unit (MCU). The first one is a pure software solution, i.e. a Hypervisor, which comes with a reasonable performance penalty when applied to 16-bit RISC processor cores such as the TI MSP430. Since it is a pure software solution it can be applied to existing MCUs without any hardware modification. Our second approach is to use a Memory Protection Unit (MPU) realized in hardware, which is placed between the processing core and the resources of the sensor node. The MPU especially supports fine-grained isolation of the sensor node software and further reduces the performance penalty compared to the pure software solution. |
| Del. no. | Deliverable name | Deliv. date* | More Info |
|---|---|---|---|
| D1.1 | Sensor network related requirements | M6 | more info |
| D1.2 | Analysis of attacks on sensor nodes software and hardware | M9 | more info |
| D1.3 | Definition of performance and security parameters | M11 | more info |
| D1.4 | Tools and methods for a unified secure design flow of sensor node hardware | M12 | more info |
| D2.1 | Report on tests measures and attacks | M20 | more info |
| D2.2 | Report on SCA countermeasure evaluation and validation | M24 | |
| D2.3 | Report on fault attacks and combined implementation attacks | M30 | |
| D2.4 | Secured crypto cores | M30 | |
| D2.5 | Description of a design flow for tamper resistant circuits | M30 | |
| D3.1 | Cryptographic Requirements for Sensor Nodes | M9 | more info |
| D3.2 | Lightweight cryptographic technologies and their security | M14 | more info |
| D3.3 | On the secure implementation of asymmetric cryptography for sensor nodes | M36 | |
| D3.4 | On the secure implementation of symmetric cryptography for sensor nodes | M36 | |
| D4.1 | Specification of lightweight memory protection mechanisms | M16 | |
| D4.2 | Implementation of lightweight memory protection mechanisms | M21 | |
| D4.3 | Specification of boot-strapping and code attestation mechanisms | M19 | |
| D4.4 | Implementation of boot-strapping and code attestation mechanisms | M24 | |
| D4.5 | Specification of a secure scan-chain and debug-support-unit for sensor nodes | M25 | |
| D4.6 | Implementation of a secure scan-chain and debug-support-unit for sensor nodes | M27 | |
| D4.7 | Analysis of guidelines of intra-system communication and partitioning between secure/unsecure components | M30 | |
| D5.1 | Description of the Unified Design Flow and Toolkit | M31 | |
| D5.2 | Report on system integration | M28 | |
| D5.3 | Sensor Node Prototype | M32 | |
| D5.4 | Sensor Node measurements | M35 | |
*Month 1 = October 2010
| Author(s) | Steffen Peter, Michaela Schreier, Peter Langendoerfer |
| Event | 4th Summer School on Network and Information Security, 27 June – 4 July 2011, Crete, Greece |
| Abstract | - |