SaTC: CORE: Small: An Automated Framework for Mitigating Single-Trace Side-Channel Leakage

SaTC：核心：小型：用于减轻单迹侧通道泄漏的自动化框架

• 批准号: 2241879
• 负责人: Aydin Aysu
• 金额: $ 33.98万
• 依托单位: North Carolina State University
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2023
• 资助国家: 美国
• 起止时间: 2023-10-01 至 2026-09-30
• 项目状态: 未结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2241879&HistoricalAwards=false
• 关键词: SaTC; CORE; Small; Automated; Framework

Quantum computers can break existing cryptography algorithms (e.g., RSA - Rivest–Shamir–Adleman) that are used to secure data transmission in everyday applications, such as point-of-sale purchases and online payments. Post-quantum cryptography seeks new cybersecurity solutions for such applications that are resilient to quantum computer attacks. The National Institute of Science and Technology (NIST) is currently evaluating and standardizing such algorithms for mass-scale adoption. Although these algorithms can be shown to be theoretically secure, their practical implementation can be vulnerable to attacks. Specifically, adversaries can use the power consumption or electromagnetic radiation of a device running the cryptography algorithm to reverse-engineer computations and steal secret cryptographic keys. Therefore, practical deployment of next-generation cybersecurity standards requires protected software implementations against such attacks. At the same time, the validation and application of such defenses need automation to broadly address these vulnerabilities in a variety of computing devices. The project’s novelties are exposing unknown risks of software running post-quantum cryptography to reverse-engineering attacks and developing a new framework to automatically address those risks. The project’s broader significance and importance are improving national security and training a cybersecurity-aware science, technology, engineering and mathematics (STEM) workforce. This project analyzes side-channel security vulnerabilities in the software implementations of lattice-based cryptography algorithms that were chosen by NIST for post-quantum standardization. The primary research objective of this project is to develop a framework to automatically expose and mitigate single-trace side-channel vulnerabilities. Single-trace attacks aim to steal information from a single execution's leakage and are harder to mitigate than those needing repeated measurements. The project augments low-level virtual machine frameworks by applying static and dynamic program analysis to detect vulnerabilities, and by using program repair with randomization techniques to address the leakage.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

量子计算机可以打破现有的加密算法（例如RSA-Rivest-Shamir – Adleman），这些算法用于在每天的应用程序中确保数据传输，例如销售点购买和在线支付。 Quantum加密后，为这些应用程序寻求新的网络安全解决方案，这些应用程序取决于量子计算机攻击。美国国家科学技术研究所（NIST）目前正在评估和标准化这种采用算法的算法。尽管这些算法可以证明是理论上的安全，但它们的实际实现可能很容易受到攻击。具体而言，对手可以使用运行加密算法的设备的功耗或电子辐射来反向工程计算并窃取秘密加密密钥。因此，下一代网络安全标准的实际部署需要受保护的软件实施，以防止此类攻击。同时，此类防御的验证和应用需要自动化，以在各种计算设备中广泛解决这些漏洞。该项目的新颖性正在揭示运行量词后密码学的软件的未知风险，以反向工程攻击并开发一个新的框架以自动解决这些风险。该项目更广泛的意义和重要性是改善国家安全和培训网络安全感知科学，技术，工程和数学（STEM）劳动力。该项目分析了基于晶格的加密算法的软件实现中的侧通道安全漏洞，而NIST选择了量子后标准化。该项目的主要研究目标是开发一个框架，以自动暴露和减轻单轨侧通道漏洞。单轨攻击旨在从单个执行的泄漏中窃取信息，并且比需要重复测量的信息更难减轻。该项目通过应用静态和动态的程序分析来检测漏洞，并使用随机化技术来解决泄漏，这增强了低级虚拟机框架。该奖项反映了NSF的坚定任务，并被认为是通过使用基金会的智力和更广泛影响的评估来审查Criteria来通过评估来通过评估来获得支持的。