SaTC: STARSS: Small: Combined Side-channel Attacks and Mathematical Foundations of Combined Countermeasures

SaTC：STARSS：小：组合侧信道攻击和组合对策的数学基础

• 批准号: 1929774
• 负责人: Selcuk Kose
• 金额: $ 20.92万
• 依托单位: University of Rochester
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2019
• 资助国家: 美国
• 起止时间: 2019-01-01 至 2021-09-30
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1929774&HistoricalAwards=false
• 关键词: SaTC; STARSS; Small; Combined; Side

Digital information has become an integral part of our daily lives and there is a growing concern about the security of information. The amount of information that should be kept secure is increasing with the proliferation of high-tech electronics such as smart-phones, tablets, and wearable devices. Accordingly, the number of attacks from malicious parties to obtain the secret information that is stored in a secure (i.e., encrypted) device increases. Side-channel attacks are widely used to extract information from an integrated circuit (IC) or a smart card by observing different leakage sources such as power consumption, timing information, temperature, electromagnetic (EM) emanations, and acoustic waves while loading/executing/storing information. Due to the low cost and potentially non-invasive nature, side-channel attacks pose a serious threat to the security of personal, commercial, and military information. By providing design guidelines against side-channel attacks, our project benefits companies, governments, and individuals in securing the digital information.This project investigates the power and feasibility of combined side-channel attacks including both physical side-channel attacks (i.e., power, timing, and electromagnetic) and fault injection attacks. Since each attack vector leverages a different leakage mechanism, the countermeasures against different attack vectors may differ significantly. Accordingly, mathematical foundations of combined countermeasures against multiple attack vectors are developed. In this project, the existing resources are utilized as a countermeasure against combined attacks together with dedicated countermeasures to minimize the energy and performance overheads of security. This project provides several opportunities to underrepresented groups and undergraduate students to engage in hardware security research.

数字信息已成为我们日常生活中不可或缺的一部分，人们对信息安全的关注日益增加。随着智能手机、平板电脑和可穿戴设备等高科技电子产品的普及，需要保护的信息量不断增加。因此，来自恶意方为获取存储在安全(即，加密的)设备中的秘密信息而进行的攻击的数量增加。侧信道攻击广泛用于通过在加载/执行/执行时观察不同的泄漏源（例如功耗、定时信息、温度、电磁（EM）发射和声波）来从集成电路（IC）或智能卡中提取信息。存储信息。由于成本低廉且具有潜在的非侵入性，侧信道攻击对个人、商业和军事信息的安全构成严重威胁。通过提供针对侧信道攻击的设计指南，我们的项目有利于公司、政府和个人保护数字信息。该项目研究了组合侧信道攻击的威力和可行性，包括物理侧信道攻击（即功率、定时、电磁）和故障注入攻击。由于每个攻击向量利用不同的泄漏机制，因此针对不同攻击向量的对策可能会有很大不同。因此，开发了针对多种攻击向量的组合对策的数学基础。在该项目中，利用现有资源作为针对组合攻击的对策，并结合专用对策来最大限度地减少安全的能源和性能开销。该项目为弱势群体和本科生提供了一些参与硬件安全研究的机会。

项目成果

A Secure Hardware-Assisted AMI Authentication Scheme for Smart Cities

面向智慧城市的安全硬件辅助 AMI 身份验证方案

• DOI: 10.1109/mce.2020.3040717
• 发表时间: 2021-07-01
• 期刊: IEEE Consumer Electronics Magazine
• 影响因子: 4.5
• 作者: Fathi H. Amsaad;Selçuk Köse
• 通讯作者: Selçuk Köse

A New Class of Covert Channels Exploiting Power Management Vulnerabilities

利用电源管理漏洞的新型隐蔽通道

• DOI: 10.1109/lca.2018.2860006
• 发表时间: 2018-07
• 期刊: IEEE Computer Architecture Letters
• 影响因子: 2.3
• 作者: Khatamifard, S. Karen;Wang, Longfei;Kose, Selcuk;Karpuzcu, Ulya R.
• 通讯作者: Karpuzcu, Ulya R.